This Week in Security: uTorrent Vulnerable, Crowd-Sourcing Your Fail2Ban, and Cryptographers at Casinos
The uTorrent client was recently updated to fix a null pointer dereference (CVE-2020-8437), discovered by [whtaguy]. Triggering the dereference simply crashes the client — so far an actual RCE hasn’t been found. Given the nature of the null pointer dereference, it’s possible this bug is limited to denial of service. …read more