iOS and MacOS suffer from a kernel heap overflow in PF_KEY due to lack of bounds checking when retrieving statistics.
09930d55fbbd4be1e53ae5ebe0b2a4bfXNU vm_map_copy optimization which requires atomicity is not atomic. This violates the semantics of mach message OOL memory, and leads to TOCTOU issues which can lead to memory corruption.
de2284e251a10f0384f76a0857085c48iOS and MacOS suffers from sandbox escape vulnerabilities due to type confusions and memory safety issues in iohideventsystem.
182ae62c76265741d73f711225502a7flibxpc on MacOS version 10.14.1 suffers from an arbitrary mach port name deallocation in XPC services due to invalid mach message parsing in _xpc_serializer_unpack.
5aaf10f078ba260537df0d15456c6e15The Apple Intel GPU driver suffers from use-after-free and double-delete issues due to bad locking.
b351e27cbcb6569d7e176048b1d1639fiOS and macOS suffers from a sandbox escape due to trusted length field in shared memory used by the HID event subsystem.
d02085ca3eebe96590a6bfad12954bf6iOS suffers from a kernel stack memory disclosure due to failure to check copyin return value.
dabae5d2d2f7dfbc02093d00e56e96e6iOS and macOS suffer from a sandbox escape vulnerability due to failure to comply with MIG object lifetime semantics in the iohideventsystem_client subsystem.
b9de50e80a2ea80f7f9468bd16b597e3iOS and macOS suffer from sandbox escape vulnerabilities due to MIG failing to use correct out-of-line descriptor lengths when parsing reply messages.
4f22a8f810b85991d35e76ab7b9861b4iOS and macOS suffers from a kernel memory corruption vulnerability due to integer overflow in IOHIDResourceQueue::enqueueReport.
eaf771ae19474d20de705e51b77b51d3iOS and macOS suffers from a sandbox escape vulnerability due to mach message sent from shared memory.
212667e2b57588da87c0742e251ac563The iOS kernel suffers from a use-after-free vulnerability due to bad error handling in personas.
00aa8ae882f2b6020f3e4a12749da1eeThe macOS and iOS kernels suffer from a heap overflow due to a lack of lower size check in getvolattrlist.
8bc2ddee4be107c0fed7f5978e377f2cThe XNU kernel suffers from a heap overflow vulnerability due to bad bounds checking in MPTCP.
449d61519abf2905830578f282b2544cThe macOS kernel suffers from a use-after-free vulnerability due to a lack of locking in the nvidia GeForce driver.
9df96b20c281d23bcd8105e681608b33macOS suffers from a double mach_port_deallocate in kextd due to failure to comply with MIG ownership rules.
3ed950f3129994df12395fa85baf3812macOS/iOS ReportCrash suffers from a mach port replacement due to failure to respect MIG ownership rules.
afd5e9434d99e4e48e8d1ec634a2c115Google software updater suffers from a local privilege escalation vulnerability on MacOS due to unsafe use of Distributed Objects.
f4d7f01c4f93843dc53c45e1355f3101The macOS kernel suffers from a use-after-free issue due to a lack of locking in AppleEmbeddedOSSupportHostClient::registerNotificationPort.
ea0f5075fd72108cc6b63fbdbbf36665macOS version 10.13 suffers from a kernel memory disclosure due to lack of bounds checking in AppleIntelCapriController::getDisplayPipeCapability.
64dd02ddcdb2646e983a2c6616d02c4amacOS and iOS suffer from a kernel double free vulnerability due to IOSurfaceRootUserClient not respecting MIG ownership rules.
184f6e2345e9d5d30fb5251e4ff335fcThe XNU kernel suffers from a memory corruption vulnerability due to an integer overflow in the __offsetof usage in posix_spawn on 32-bit platforms.
c638f3dbcc9363560aaf17fa6e01b0a5macOS / iOS suffer from multiple kernel use-after-free vulnerabilities due to incorrect IOKit object lifetime management in IOTimeSyncClockManagerUserClient.
91c42e10c5af4753d52cffa762abd8acThe macOS kernel suffers from a code execution vulnerability due to a lack of bounds checking in AppleIntelCapriController::GetLinkConfig.
5ae7dba93f843e9011a2eeac188240d3macOS and iOS suffer from a kernel double free due to incorrect API usage in flow divert socket option handling.
adea43dc13c8a03941deec88ab491ec2
© 2019 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed