RC RANDOM CHAOS

heap-overflow

4 posts

#gerpar trended this week; PartitionAlloc already answers it
Article

#gerpar trended this week; PartitionAlloc already answers it

A. Shah (REDLINE) tests the trending #gerpar Chromium heap-overflow claim against PartitionAlloc, CFI, the V8 sandbox, and renderer isolation.

A few bytes spill onto the next heap chunk
Article

A few bytes spill onto the next heap chunk

Technical writeup of CVE-2026-42945, the NGINX rewrite module heap overflow, plus what it means for LLM deployments sitting behind the proxy.

NGINX ships emergency patch for HTTP/3 heap overflow
Article

NGINX ships emergency patch for HTTP/3 heap overflow

CVE-2026-42945 technical analysis: heap overflow in NGINX HTTP/3 HEADERS frame parsing, worker RCE primitive, telemetry gaps, and patch boundary.

Patching nginx doesn't close this one
Article

Patching nginx doesn't close this one

CVE-2026-42945 NGINX rewrite module heap buffer overflow: bug mechanism, exploit primitives, MITRE mapping, and EDR telemetry blind spots in worker exploitation.