iSCSI CHAP: Heap Buffer Overflow in the Linux Kernel
Summary
A vulnerability research blog analyzes a pre-auth heap buffer overflow in the Linux kernel's iSCSI CHAP BASE64 decoding. The post details the vulnerable code, how the overflow occurs, why it is reachable before password validation, the KASAN confirmation, and the patches that fix the length check and decoding path. It also covers exploitation primitives, patch history, and the broader implications for kernel security.