Bugs on 2ourc3

CVE-2025-43254 - OOB-RW in MacOS libmacho.dylib

Thu, 15 Jan 2026 13:50:07 +0100

Summary

CVE: CVE-2025-43254
Component: libmacho.dylib
Vulnerability Type: Out-of-bounds memory access
Vendor: Apple
Severity: Medium
Product: macOS
Affected Versions: Sonoma, Sequoia, Ventura
Fix Status: Fixed by vendor (Apple Security Update)
Credit: 2ourc3

Description

A security vulnerability has been identified in macOS’s libmacho.dylib. The bug allows an attacker to trigger an out-of-bounds memory access using a specially crafted Mach-O fat binary, potentially leading to information disclosure or remote code execution (depending on memory layout and exploitation constraints).

CVE-2024-6773 - Type confusion in V8 Turboshaft

Thu, 15 Jan 2026 19:00:00 +0100

Summary

CVE: CVE-2024-6773 Component: V8 Turboshaft (Load Elimination) Vulnerability Type: Type confusion → memory corruption (stale pointer across GC) Vendor: Google Product: Chrome / V8 JavaScript Engine Affected Versions: Chrome versions prior to M126 Fix Status: Fixed (V8 main + backports to M126 Stable / M127 Beta) Severity: Chrome S1 Credit: Salim Largo (2ourc3)

Description

CVE-2024-6773 is a critical type confusion vulnerability in the V8 Turboshaft compiler pipeline, specifically within the Load Elimination optimization phase.

CVE-2024-11612 - Infinite loop DoS in 7-Zip CopyCoder

Thu, 15 Jan 2026 19:00:00 +0100

Summary

CVE: CVE-2024-11612 Component: 7-Zip (CopyCoder / stream processing) Vulnerability Type: Infinite loop → Denial of Service (DoS) Vendor: 7-Zip Product: 7-Zip Impact: Unbounded decompression loop / CPU hang Discoverer / Credit: 2ourc3 (Salim Largo) Disclosure: Reported via Zero Day Initiative (ZDI) Advisory: ZDI-24-1606

Description

During a fuzzing campaign against 7-Zip, an input was discovered that causes the decompression process to run forever. When the crafted archive is opened, 7-Zip remains stuck in a “decompressing” state without terminating, resulting in a denial-of-service condition.

CVE-2024-53589 - Buffer overflow in GNU Objdump tekhex

Thu, 15 Jan 2026 13:49:50 +0100

Summary

CVE: CVE-2024-53589
Component: objdump / BFD tekhex parser
Vulnerability Type: Buffer overflow / out-of-bounds read
Vendor: GNU Project
Product: GNU Binutils
Affected Versions: 2.43 (and potentially earlier)
Fix Status: Fixed (commit e0323071916878e0634a6e24d8250e4faff67e88)
Credit: 2ourc3

Description

A vulnerability exists in GNU Binutils’ objdump utility when processing tekhex format files. The issue occurs inside the Binary File Descriptor (BFD) library’s tekhex parser during format identification.

In the failing case, the parser attempts to read 8 bytes from an address that precedes the global variable _bfd_std_section, resulting in an out-of-bounds read. This invalid read is reachable with a crafted tekhex file and can be triggered simply by running objdump on the file.