IORegistryIterator race condition vulnerability analysis and exploit-vulnerability warning-the black bar safety net

Author: shrekwzw@360NirvanTeam 0x00 description CVE-2 0 1 5-7 0 8 4 is due to the IORegistryIterator the user does not consider the state of multiple threads simultaneously call the case, causing a Race Condition that can lead to arbitrary code execution. Vulnerability exists in MAP version 3 2 4...

Apple Mac OSX / iOS Kernel - iokit Registry Iterator Manipulation Double-Free

/ Source: https://code.google.com/p/google-security-research/issues/detail?id=598 The userspace MIG wrapper IORegistryIteratorExitEntry invokes the following kernel function: kernreturnt isioregistryiteratorexitentry ioobjectt iterator bool didIt; CHECK IORegistryIterator, iterator, iter ; didIt ...