The Discovery of Zenbleed ft. Tavis Ormandy

How did Tavis Ormandy fuzz CPUs to discover Zenbleed? In this video we learn about the techniques to make this work!

Watch part 2:    • Zenbleed (CVE-2023-20593)  

buy my font (advertisement): https://shop.liveoverflow.com/

This video is sponsored by Google: https://security.googleblog.com/2023/...

Original Zenbleed Writeup: https://lock.cmpxchg8b.com/zenbleed.html

AMD Security Bulletin: https://www.amd.com/en/resources/prod...
Tavis Ormandy:   / taviso  
Sudoedit Exploit Series:    • Sudo Vulnerability Walkthrough  
Documented Intel Performance Counters: https://perfmon-events.intel.com/skyl...
RIDL Video:    • How The RIDL CPU Vulnerability Was Found  

Chapters:
00:00 - Intro
01:22 - Zenbleed Proof of Concept
03:06 - Tavis Ormandy
04:18 - How Fuzzing Works
06:31 - CPU Performance Counters
11:06 - Detect Bugs with "Oracle Serialization"
15:09 - Fuzzing and Discovering Zenbleed
18:46 - Outro

=[ ❤️ Support ]=

→ per Video:   / liveoverflow  
→ per Month:    / @liveoverflow  

2nd Channel:    / liveunderflow  

=[ 🐕 Social ]=

→ Twitter:   / liveoverflow  
→ Streaming: https://twitch.tvLiveOverflow/
→ TikTok:   / liveoverflow_  
→ Instagram:   / liveoverflow  
→ Blog: https://liveoverflow.com/
→ Subreddit:   / liveoverflow  
→ Facebook:   / liveoverflow