A tale of a simple Apple kernel bug

Earlier this year, Researchers discovered a flaw in XNU, which is the kernel that Apple uses on both macOS and iOS. While it’s not a particularly complicated flaw, he wanted to explain how he discovered it and how it works.

Within the memdev.c file (the ramdisk device driver), I found the source of the vulnerability, which was a write/read operation that exceeded the allowed range. Why are ramdisks such an intriguing target to look at? If you identify a bug in the driver, it may give you the ability to execute code in the kernel. Additionally, on some systems, you may be able to construct ramdisks with particular settings such that it is mapped to physical memory, which may give you the ability to read and write data to physical memory.

This post was created with our nice and easy submission form. Create your post!

What do you think?

Posted by SH

Leave a Reply

Your email address will not be published. Required fields are marked *

GIPHY App Key not set. Please check settings

T/IP Protocol RCE Vulnerability CVE-2022–34718

Analysis of a Samsung in-the-wild exploit chain