Kid@sh.itjust.worksM to Cybersecurity@sh.itjust.worksEnglish · 8 days ago7-Zip Zero-Day Exploit Allegedly Leaked Onlinecybersecuritynews.comexternal-linkmessage-square3fedilinkarrow-up153arrow-down14
arrow-up149arrow-down1external-link7-Zip Zero-Day Exploit Allegedly Leaked Onlinecybersecuritynews.comKid@sh.itjust.worksM to Cybersecurity@sh.itjust.worksEnglish · 8 days agomessage-square3fedilink
minus-squarethemelm@sh.itjust.workslinkfedilinkEnglisharrow-up24·8 days agoThe dev appears to think this is a fake exploit generated by LLM/AI https://sourceforge.net/p/sevenzip/bugs/2539/
minus-squarewizardbeard@lemmy.dbzer0.comlinkfedilinkEnglisharrow-up7·8 days agoBased off a small technicality with one of the comments in the code. The “function” referenced is actually a macro.
minus-squareHackerJoe@sh.itjust.workslinkfedilinkEnglisharrow-up4·6 days agoIt’s nonsense: https://xcancel.com/Seifreed/status/1874245336291488179 The LZMA implementation already validates bounds elsewhere (bufLimit). If p->buf exceeds its limit, the program aborts the decompression safely. 🚫 The claim of unchecked memory access is baseless.
The dev appears to think this is a fake exploit generated by LLM/AI
https://sourceforge.net/p/sevenzip/bugs/2539/
Based off a small technicality with one of the comments in the code. The “function” referenced is actually a macro.
It’s nonsense:
https://xcancel.com/Seifreed/status/1874245336291488179