Supply Chain Security - Ivan Arce - PSW #781 - podcast episode cover

Supply Chain Security - Ivan Arce - PSW #781

Paul's Security Weekly (Video)
Apr 20, 202358 min
--:--
--:--
Listen in podcast apps:
Apple Podcasts
Spotify
Download
YouTube
Overcast
Pocket Casts
Episodes.fm
Download Metacast podcast app
Listen to this episode in Metacast mobile app
Don't just listen to podcasts. Learn from them with transcripts, summaries, and chapters for every episode. Skim, search, and bookmark insights. Learn more

Episode description

We will talk about Supply chain security, the TPM 2.0 vulnerabilities recently discovered by a Quarkslab researcher, bugs in reference implementations, vulnerability disclosure and perhaps various other topics.

Segment Resources:

Vulnerabilities in the TPM2.0 reference implementation

 https://blog.quarkslab.com/vulnerabilities-in-the-tpm-20-reference-implementation-code.html

Vulnerabilities in High Assurance Boot of NXP i.MX microprocessors

https://blog.quarkslab.com/vulnerabilities-in-high-assurance-boot-of-nxp-imx-microprocessors.html

Heap memory corruption in ASN.1 parsing code generated by Objective Systems Inc. ASN1C compiler for C/C++

 https://github.com/programa-stic/security-advisories/blob/master/ObjSys/CVE-2016-5080/README.md

 

Visit https://www.securityweekly.com/psw for all the latest episodes!

Show Notes: https://securityweekly.com/psw781 

For the best experience, listen in Metacast app for iOS or Android