> Good on these companies to publish their findings straight away as I'd imagine that both bugs would have fetched quite a lot on the black market.
replyYou should read the other thread regarding copy fail and the gentoo maintainer. I haven't seen so many unhinged and outright rude comments on a security topic since the good old days of slashdot and x vs. y controversy of the day.
I wonder what the reason behind so much hostility is. Is it gentoo or the kernel folks or the fact that the company that found it used "AI"? No idea, but it was a weird read.
Especially weird when from their description they actually had an idea. ".splice()" and then just searched possibilities of that and then identified place and only then used AI to build something. Which they likely could have done manually too...
reply> You should read the other thread regarding copy fail and the gentoo maintainer
Do you have a link?
replyIt's this one: https://news.ycombinator.com/item?id=47965108
reply