CVE-2021-32471 發了一個 1967 年電腦的安全性漏洞？

3 years ago

source link: https://blog.gslin.org/archives/2021/05/11/10150/cve-2021-32471-%e7%99%bc%e4%ba%86%e4%b8%80%e5%80%8b-1967-%e5%b9%b4%e9%9b%bb%e8%85%a6%e7%9a%84%e5%ae%89%e5%85%a8%e6%80%a7%e6%bc%8f%e6%b4%9e%ef%bc%9f/
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.

CVE-2021-32471 發了一個 1967 年電腦的安全性漏洞？

在 Hacker News 首頁上看到好幾則都在講 CVE-2021-32471：

Insufficient input validation in the Marvin Minsky 1967 implementation of the Universal Turing Machine allows program users to execute arbitrary code via crafted data. For example, a tape head may have an unexpected location after the processing of input composed of As and Bs (instead of 0s and 1s). NOTE: the discoverer states "this vulnerability has no real-world implications."

等下，今天不是四月第一天啊，現在已經五月多了啊...

更新 Sudo (CVE-2021-3156)

Sudo 這次的安全性漏洞頗痛的：「CVE-2021-3156: Heap-Based Buffer Overflow in Sudo (Baron Samedit)」。依照 Sudo Security Alerts 這邊的說明，這次的漏洞只要是本機有執行權限的人都有機會打穿，不需要有 sudo 帳號權限： A potential security issue exists in sudo that could be used by a local user to gain root privileges even when not listed in the sudoers file. Affected sudo versions are 1.8.2 through 1.8.31p2…

January 27, 2021

In "Computer"

英國五十英鎊鈔票圖案 (Alan Turing) 釋出

Twitter 上看到圖案釋出了： The new £50 note featuring Alan Turing is coming on 23 June 2021. Find out about its design and security features: https://t.co/nbOlU9kgCU #TheNew50 pic.twitter.com/FhPBJAVFP6— Bank of England (@bankofengland) March 25, 2021 官網上有放出背面圖案： 2021/06/23 上，可以考慮收一張起來...

March 26, 2021

In "Computer"

iOS 透過無線網路的 RCE...

在「About the security content of iOS 10.3.1」這邊的說明： Available for: iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation and later Impact: An attacker within range may be able to execute arbitrary code on the Wi-Fi chip Description: A stack buffer overflow was addressed through improved input…

April 4, 2017

In "Computer"

Author Gea-Suan LinPosted on May 11, 2021Categories Computer, Joke, Murmuring, Recreation, Security, SoftwareTags computer, cve, machine, security, turing, universal

一個同人社團解散了，作品版權歸誰？ - 知乎

有问题，上知乎。知乎是中文互联网知名知识分享平台，以「知识连接一切」为愿景，致力于构建一个人人都可以便捷接入的知识分享网络，让人们便捷地与世界分享知识、经验和见解，发现更大的世界。

www.infoq.cn 5 years ago
Cache

超级碗历史数据集分析（1967~2020 年）

有没有想过自己对某个好玩的历史数据集进行分析呢？比如，历届春晚的历史数据集，看看谁上春晚次数多，谁人气最高等等，可是分析的思路又该是什么样的呢？InfoQ 带来了 Sadrach Pierr 博士的文章，虽然不是对春晚的历史数据集分析，但思路...

benchlife.info 4 years ago
Cache

最後一個 14nm 製程平台，Intel Core i9-11900K 與 Intel Core i5-11600K 媒體版開箱

最後一個 14nm 製程平台，Intel Core i9-11900K 與 Intel Core i5-11600K 媒體版開箱面對顯示卡缺貨，Intel 這時間推出 11 代 Core 系列處理器，似乎有點。。。 Intel 第一個支援 PCIe Gen4 的消費性桌上型處理器，Rocket Lak...