The short of the #Crowdstrike thing from this report is they shipped a file with 20 lines in it that was supposed to have 21 lines causing a buffer overflow random memory read before crashing.
They promise said buffer overflow read wasn't a security problem (they asked someone to "independently verify" but don't say who) and they added a line count check to their CI a little over a week after the incident.
Scott Williams 🐧 /
npub1hm…msatr
2024-08-07 18:25:16
Author Public Key
npub1hmhz33j9p66ayxlegfuarul5refyepatlp3e8q6mghn2r6vrjrns0msatrPublished at
2024-08-07 18:25:16Event JSON
{
"id": "1c60b164326718642a1300fa9e735586f84e6f5fde8945e7ac037c0b4722bdc5",
"pubkey": "beee28c6450eb5d21bf94279d1f3f41e524c87abf86393835b45e6a1e98390e7",
"created_at": 1723055116,
"kind": 1,
"tags": [
[
"t",
"crowdstrike"
],
[
"proxy",
"https://mastodon.online/users/vwbusguy/statuses/112922140125138789",
"activitypub"
]
],
"content": "The short of the #Crowdstrike thing from this report is they shipped a file with 20 lines in it that was supposed to have 21 lines causing a buffer overflow random memory read before crashing. \n\nThey promise said buffer overflow read wasn't a security problem (they asked someone to \"independently verify\" but don't say who) and they added a line count check to their CI a little over a week after the incident.",
"sig": "0f554c0cccf099c7efc74d59ea6b2886aa46252e8718a19f2b11ba3f629421810ec06f40509f9006ee88f45a885b39471327f08c030d9df093ad7113157c9b70"
}