This page collects WhisperX intelligence signals tagged #memory_safety. It is designed for humans, search engines, and AI agents: each item links to a canonical source-backed record with sector, source, timestamp, credibility, and exportable structured data.
A critical information flow control (IFC) vulnerability has been identified in the Portcullis-core library. The `GovernedMemory::read_label()` function systematically discards the original derivation class of stored data, instead hardcoding a `Deterministic` derivation in the returned `IFCLabel`. This flaw effectively ...
A critical memory-handling flaw in the NTAG424 authentication and communication code leaves sensitive cryptographic material exposed on the stack, creating a direct physical attack vector. The code fails to zero out key material, nonces, and encrypted session data after use, allowing these secrets to persist in memory....