tags: macos, XNU, heap_overflow
original link: CVE-2024-27815: A Buffer Overflow in the XNU Kernel
newsletter link: exploits.club Weekly Newsletter 27
Exploits Club Summary:
@0xjprx just published an overflow he found in the XNU kernel. The bug manifests due to a mix-up of two very similar-looking variable names (MSIZE and MLEN). Apple introduced the bug by adding a size check on MSIZE, which is actually the size of an entire message buffer (header and data), and not just the data area (which would be… you guessed it… MLEN). The post includes a crash PoC and the patch released by Apple.
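To make the MSIZE/MLEN distinction concrete, the following is an added example, not code from XNU or from the original post. It models a fixed-size buffer with a header and shows which lengths a check against the whole-buffer size admits even though they do not fit the data area. The TOY_* names, struct layout and the 256-byte size are constructed assumptions.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Simplified model, not XNU source: names, fields and sizes are constructed. */
#define TOY_MSIZE ((size_t)256)                 /* whole buffer: header + data */
struct toy_hdr { void *next; uint32_t len; uint32_t flags; };
#define TOY_MLEN (TOY_MSIZE - sizeof(struct toy_hdr))   /* data area only */

struct toy_mbuf { struct toy_hdr hdr; uint8_t data[TOY_MLEN]; };
_Static_assert(sizeof(struct toy_mbuf) == TOY_MSIZE, "header + data == MSIZE");

/* Bytes a copy of src_len would write past data[] (0 means it fits). */
static size_t overrun(size_t src_len) {
    return src_len > TOY_MLEN ? src_len - TOY_MLEN : 0;
}

/* The mistaken bound: compares against the size of the whole buffer. */
static int accepts_with_msize_check(size_t src_len) { return src_len <= TOY_MSIZE; }

/* The correct bound: compares against the data area. */
static int accepts_with_mlen_check(size_t src_len) { return src_len <= TOY_MLEN; }

/* Copy guarded by the correct bound; returns 0 on success, -1 if rejected. */
static int toy_copy(struct toy_mbuf *m, const uint8_t *src, size_t src_len) {
    if (!accepts_with_mlen_check(src_len))
        return -1;
    memcpy(m->data, src, src_len);
    m->hdr.len = (uint32_t)src_len;
    return 0;
}

/* Count lengths the MSIZE check admits that would overflow data[]. */
static size_t count_unsafe_lengths(void) {
    size_t n = 0;
    for (size_t len = 0; len <= TOY_MSIZE; len++)
        if (accepts_with_msize_check(len) && overrun(len) > 0)
            n++;
    return n;
}

int main(void) {
    printf("MSIZE=%zu MLEN=%zu unsafe lengths admitted=%zu (max overrun %zu bytes)\n",
           TOY_MSIZE, TOY_MLEN, count_unsafe_lengths(), overrun(TOY_MSIZE));
    return 0;
}
```

The window of wrongly admitted lengths is exactly the header size, which is why the two constants are easy to confuse in review: most inputs pass both checks identically.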