Fysac
@fysac.bsky.social
I’m a security engineer interested in vulnerability research, cryptography, and software engineering, among other things. I sometimes post about my research here: https://fysac.github.io
Exploit demo for CVE-2024-51317, a use-after-free in the NetSurf web browser enabling arbitrary code execution when JavaScript is enabled. Target is NetSurf 3.11 on Ubuntu 22.04.
Patched in upstream source code, still making its way to distro packages. To mitigate, disable JS (off by default).
Patched in upstream source code, still making its way to distro packages. To mitigate, disable JS (off by default).
November 3, 2025 at 8:08 PM
Exploit demo for CVE-2024-51317, a use-after-free in the NetSurf web browser enabling arbitrary code execution when JavaScript is enabled. Target is NetSurf 3.11 on Ubuntu 22.04.
Patched in upstream source code, still making its way to distro packages. To mitigate, disable JS (off by default).
Patched in upstream source code, still making its way to distro packages. To mitigate, disable JS (off by default).