0day Exploit Root Cause Analyses

Posted by Maddie Stone, Project Zero (2020-07-27)

In 2019, Project Zero began a program to systematically study 0-day exploits that are used in the wild. It's another way we're trying to make 0-day hard. We published our tracking spreadsheet for recording publicly known cases of detected 0-day exploits. Today we're beginning to share the root cause analyses we perform on these detected 0-day exploits. To better understand our approach and the reasoning behind these analyses, please read this blog post.

| Date Published | CVE | Title |
| --- | --- | --- |
| 2020-07-29 | CVE-2019-7286 | iOS use-after-free in CFPrefsDaemon |
| 2020-07-29 | CVE-2019-7287 | iOS buffer overflow in ProvInfoIOKitUserClient |
| 2020-07-29 | CVE-2019-11707 | Firefox type confusion in Array.pop |
| 2020-07-29 | CVE-2019-1367 | JScript use-after-free in Internet Explorer |
| 2020-07-29 | CVE-2019-2215 | Android use-after-free in Binder |
| 2020-07-29 | CVE-2019-13720 | Chrome use-after-free in webaudio |
| 2020-07-29 | CVE-2019-1429 | JScript use-after-free in Internet Explorer (See CVE-2019-1367) |
| 2020-07-29 | CVE-2019-1458 | Windows win32k uninitialized variable in task switching |
| 2020-08-05 | CVE-2019-17026 | Firefox Type Confusion in IonMonkey |
| 2020-08-05 | CVE-2020-0674 | JScript Use-after-Free in Internet Explorer |
| 2020-08-05 | CVE-2020-6820 | Firefox UAF in Cache |
| 2020-08-24 | CVE-2020-1380 | Internet Explorer JScript9 UAF |
| 2020-09-02 | CVE-2020-0986 | Windows splwow64 Untrusted Pointer Dereference |

We will continue to publish new root cause analyses as they are completed, hopefully in a very timely manner. We hope other researchers who detect and/or analyze 0-day exploits will also publish this information to better inform actions and decision making in the security and tech communities. The template that we use is available here. Please see the blog post linked in the first paragraph for more information.

Our goal is that this information helps the security and technical communities. Please reach out with any feedback or suggestions.
