by Macha 1008 days ago
It feels like this bug has only really flown under the radar because the discoverers are not in the habit of giving bugs names and landing pages. Both because of level of access (remote code execution), the vector (image rendering, often done with untrusted data) and the widespread nature of the affected library.

Did it really fly under the radar? It was widely reported in the mainstream media. There were at least two "top of HN frontpage" submissions on it.

https://news.ycombinator.com/item?id=37425007

https://news.ycombinator.com/item?id=37478403

I would argue that it has flown under the radar because it has only been contextualized with respect to Chrome and iOS. The issue has and continues to affect many other critical places, including server-side image processing services.
Compared to the likes of log4shell, shellshock or heartbleed, yes. It feels like the immediate exploit possibility of it is arguably more than heartbleed, but I don't see every security person chasing after it in the same way.

I've been following the progress of some of the fixes in apps I use and it's meandering through intermediates at an urgency that is more akin to the ssh 9.1p1 vulnerability which required people to ssh into an affected server.

It's nothing close to heartbleed which was 'extract key material from every TLS-serving endpoint in the universe'. There are almost certainly exploitable buffer overflows in whatever device you're using right now.
BLASTPASS is an ok exploit name, but it is kinda specific. People might think it was only about bypassing BlastDoor on iPhones. A better name might have been something like "WebPwn", which would have made it much more clear that it was a vulnerability in the image format.
WebPwn is a great name and I almost want a direct RCE in WebP just so it can get that name
Blastpass is the exploit that broke open Blastdoor. The webp exploit is just a neat privilege escalation after you blastdoor'd the target.
"BLASTPASS" made me initially think it was the exploit used to breach LastPass.