What's in a bug?


CSE 598 - AVR - Fall 2025.

Bugs often rear themselves in sparcely-maintained, but prominently used infrastructure. Often, such infrastructure takes the form of small, little-known libraries handling specific functionality for larger, well-known projects. One such example is libcue and CVE-2023-43641.

In real life, the actual attack vector was a part of gnome. Here, we've provided the parse_cue program. Understand this bug, understand the software around it, and trigger the crash. If you can segfault parse_cue, you will earn the flag!

Connect with SSH

Link your SSH key, then connect with: ssh [email protected]

30-Day Scoreboard:

This scoreboard reflects solves for challenges in this module after the module launched in this dojo.

7-Day | 30-Day | All-Time

Rank Hacker Badges Score