@ ch0k1
2025-02-13 10:54:03
US govt wants developers to stop coding 'unforgivable' bugs
https://www.theregister.com/2025/02/13/fbi_cisa_unforgivable_buffer_overflow/
US authorities have labelled buffer overflow vulnerabilities "unforgivable defects", pointed to the presence of the holes in products from the likes of Microsoft and VMware, and urged all software developers to adopt secure-by-design practices to avoid creating more of them.
Buffer overflow vulnerabilities occur when software unexpectedly writes more data to memory storage than has been allocated for that data. The extra information spills into other memory, altering it. Smart attackers can feed carefully crafted data into software with these bugs to hijack the flow of the program so that it can be made to do malicious things, or simply crash it.
originally posted at https://stacker.news/items/884564
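
The spill described in the post above, as an added example that is not part of the original post or the linked article: a constructed 16-byte region holds an 8-byte input buffer followed by unrelated data, and the same 12-byte input is written once without a length check and once with one. All names (`region`, `write_unchecked`, `write_checked`, the handler id value) are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>
#include <stdint.h>

#define BUF_SIZE 8      /* bytes allocated for the input */
#define REGION_SIZE 16  /* input buffer plus the neighbouring data */

/* Constructed model: bytes 0..7 are the buffer, bytes 8..15 hold a handler id. */
struct region { unsigned char bytes[REGION_SIZE]; };

static void region_init(struct region *r, uint64_t handler_id) {
    memset(r->bytes, 0, REGION_SIZE);
    memcpy(r->bytes + BUF_SIZE, &handler_id, sizeof handler_id);
}

static uint64_t region_handler(const struct region *r) {
    uint64_t id;
    memcpy(&id, r->bytes + BUF_SIZE, sizeof id);
    return id;
}

/* Defective write: trusts the caller's length, so input longer than BUF_SIZE lands on the handler id. */
static void write_unchecked(struct region *r, const void *src, size_t len) {
    if (len > REGION_SIZE) len = REGION_SIZE; /* keeps the model itself in bounds */
    memcpy(r->bytes, src, len);
}

/* Corrected write: refuses input that does not fit the allocation. */
static int write_checked(struct region *r, const void *src, size_t len) {
    if (len > BUF_SIZE) return -1;
    memcpy(r->bytes, src, len);
    return 0;
}

int main(void) {
    struct region r;
    unsigned char input[12];            /* constructed input, 4 bytes too long */
    memset(input, 'A', sizeof input);

    region_init(&r, 0x1122334455667788ULL);
    write_unchecked(&r, input, sizeof input);
    printf("unchecked: handler id = %llx\n", (unsigned long long)region_handler(&r));

    region_init(&r, 0x1122334455667788ULL);
    int rc = write_checked(&r, input, sizeof input);
    printf("checked: rc = %d, handler id = %llx\n", rc, (unsigned long long)region_handler(&r));
    return 0;
}
```
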