
1. Analysing CVE-2023-41991 2. Between 100k Linux hosts & firmware updates

Hosted By
Jim C.

Details

Time/date update: Thursday (tomorrow) 24th at 6:30PM. This is a free event and no registration is required. Just turn up!

Well well well, if it isn’t the consequences of my own actions - Justin Steven from Tanto Security

The time when I got in the middle of 100,000 Linux machines and their LVFS firmware updates and then somehow bypassed the fwupd PGP signature checking :see_no_evil:. This talk is one from the vaults... In 2020, Justin had a serendipitous encounter with a dangling legacy AWS S3 bucket once owned by the Linux Vendor Firmware Service (LVFS). "What if I registered it," he thought. "What's the worst that could happen?" This is the story of how he wedged himself between 100,000 Linux machines and their firmware updates, stumbled upon a bypass in fwupd's PGP-based firmware update signature checking, traced the flaw back to its root cause, and ultimately returned the bucket to its original owner. Previously presented at CrikeyCon 2025.

Two presentations for the April Ruxmon event.

Analysing CVE-2023-41991 - The Second CoreTrust Bug - Joseph Surin

Code signing is a security feature designed to protect users against malicious code being run on their devices. CoreTrust is a component of Apple's code signing implementation which performs parts of the certificate validation. Since its introduction in iOS 12, there have been two publicly known bugs in CoreTrust. This talk provides an analysis of the second CoreTrust bug, which was actively exploited in 2023.

Drinks

The Ruxmon attendees go to The Last Jar (616 Elizabeth St, Melbourne VIC 3000) to socialise after the talks. See you there.

Streaming

If you can't attend the event in person, the talks will be streamed in the "ruxmon-stream" voice channel in the Ruxcon Discord on the day of the event! (join now by clicking here: https://discord.gg/3J4qCfBA)

Ruxmon Melbourne
room 230 level 2/234 Queensberry St
234 Queensberry St · Carlton