FlagThis

A newly discovered vulnerability, dubbed Wallbleed, has been found within China's Great Firewall (GFW). This flaw allowed security researchers to access sensitive memory data, exposing internal censorship mechanisms. The vulnerability, an out-of-bounds read bug within the GFW's DNS injection subsystem, leaked up to 125 bytes of memory data from the censorship infrastructure. This provided an unprecedented look into how China censors internet content.

The Wallbleed vulnerability was actively exploited by a team of security professionals and academics starting in October 2021. They used it to learn about the GFW's inner workings, monitoring its infrastructure and observing attempts to patch the hole. This data-leaking flaw revealed insights into the GFW's CPU architecture, plain-text network traffic data extraction, and the capability of capturing traffic from millions of IP addresses in China.


References :

• CyberInsider: Wallbleed Flaw in China’s Great Firewall Exposed Private Data
• The Register - Security: Wallbleed vulnerability unearths secrets of China's Great Firewall 125 bytes at a time
• Talkback Resources: Wallbleed bug reveals secrets of China's Great Firewall [exp] [net]
• The Register: Wallbleed vulnerability unearths secrets of China's Great Firewall 125 bytes at a time Boffins poked around inside censorship engines for years before Beijing patched hole Smart folks investigating a memory-dumping vulnerability in the Great Firewall of China (GFW) finally released their findings after probing it for years.…
• AAKL: Smart folks investigating a memory-dumping vulnerability in the Great Firewall of China (GFW) finally released their findings after probing it for years.

Classification:

• HashTags: #Wallbleed #GreatFirewall #ChinaCensorship
• Company: China
• Target: China
• Product: Great Firewall
• Feature: Censorship
• Malware: Wallbleed
• Type: Vulnerability
• Severity: Major