Apple macOS 10.12.1 iOS Kernel - host_self_trap Use-After-Free
Apple macOS 10.12.1 iOS Kernel - host_self_trap Use-After-Free / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1034 The task struct has a lock (itk_lock_data, taken via the itk_lock macros) which is supposed to protect the task->itk_* ports. The host_self_trap mach trap accesses...
macOS 10.12.1 / iOS Kernel - host_self_trap Use-After-Free Exploit
Exploit for multiple platforms in category dos / poc / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1034 The task struct has a lock (itk_lock_data, taken via the itk_lock macros) which is supposed to protect the task->itk_* ports. The host_self_trap mach trap accesses task->itk_host witho...
Memory corruption vulnerability in Apple iOS kernel
iOS is an operating system developed by Apple for mobile devices, and supported devices include iPhone, iPod touch, iPad, and Apple TV. A memory corruption vulnerability exists in the Apple iOS kernel prior to version 9.3.5, which can be exploited by an attacker to elevate privileges, execute...
Apple Mac OSX iOS Kernel - UAF Racing getProperty on IOHDIXController and testNetBootMethod on IOHDIXControllerUserClient
Apple Mac OSX iOS Kernel - UAF Racing getProperty on IOHDIXController and testNetBootMethod on IOHDIXControllerUserClient / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=732 This is perhaps a more interesting UaF than just racing testNetBootMethod calls as there looks to be a...
Vulnerabilities of iOS and Mac OS X operating systems, which allow a hacker to execute arbitrary code in a privileged context
The multiple vulnerabilities in the kernels of iOS and Mac OS X operating systems are caused by numerical overflows. Exploitation of these vulnerabilities allows a malicious actor to execute arbitrary code in a privileged context using a specially created application...
iOS Kernel - AppleOscarGyro Use-After-Free
iOS Kernel - AppleOscarGyro Use-After-Free Source: https://code.google.com/p/google-security-research/issues/detail?id=608 Panic log attached OS X advisory: https://support.apple.com/en-us/HT205731 iOS advisory: https://support.apple.com/en-us/HT205732 Proof of Concept:...
iOS Kernel - AppleOscarCompass Use-After-Free
Exploit for iOS platform in category dos / poc Source: https://code.google.com/p/google-security-research/issues/detail?id=606 Panic log attached OS X advisory: https://support.apple.com/en-us/HT205731 iOS advisory: https://support.apple.com/en-us/HT205732 Proof of Concept:...
iOS Kernel - AppleOscarAccelerometer Use-After-Free
Exploit for iOS platform in category dos / poc Source: https://code.google.com/p/google-security-research/issues/detail?id=607 Panic log attached OS X advisory: https://support.apple.com/en-us/HT205731 iOS advisory: https://support.apple.com/en-us/HT205732 Proof of Concept:...
iOS Kernel - AppleOscarCMA Use-After-Free
Exploit for iOS platform in category dos / poc Source: https://code.google.com/p/google-security-research/issues/detail?id=605 Panic log attached OS X advisory: https://support.apple.com/en-us/HT205731 iOS advisory: https://support.apple.com/en-us/HT205732 Proof of Concept:...
iOS Kernel - IOHIDEventService Use-After-Free
Exploit for iOS platform in category dos / poc Source: https://code.google.com/p/google-security-research/issues/detail?id=604 Panic log attached OS X advisory: https://support.apple.com/en-us/HT205731 iOS advisory: https://support.apple.com/en-us/HT205732 Proof of Concept:...
Apple iOS kernel memory corruption vulnerability (CNVD-2015-06075)
Apple iOS is the latest operating system that runs on Apple's iPhone and iPod touch devices. A memory corruption vulnerability exists in the Apple iOS kernel, which allows malicious attackers to exploit the vulnerability to execute arbitrary code...
Apple iOS v6.1 (10B143) - Pass Code Bypass Vulnerability 2
Document Title: Apple iOS v6.1 10B143 - Pass Code Bypass Vulnerability 2 / References (Source): http://www.vulnerability-lab.com/getcontent.php?id=875 (Advisory), http://www.vulnerability-lab.com/getcontent.php?id=874 (Video) / Release Date: 2013-02-21...
Absinthe Jailbreak for iPhone 4S Released
Less than three weeks after releasing a new jailbreak for iPhones running iOS 5.01, a team of researchers has now published a similar tool for jailbreaking the iPhone 4S and iPad2. The Absinthe jailbreak tool will allow users to run unsigned code on their devices and load apps from places other...