Зарегистрируйтесь сейчас для лучшей персонализированной цитаты!

Vulnerability Deep Dive: Exploiting the Apple Graphics Driver and Bypassing KASLR

Apr, 07, 2016 Hi-network.com

Cisco Talos vulnerability researcher Piotr Bania recently discovered a vulnerability in the Apple Intel HD 3000 Graphics driver, which we blogged about here. In this post we are going to take a deeper dive into this research and look into the details of the vulnerability as well as the KASLR bypass and kernel exploitation that could lead to arbitrary local code execution. These techniques could be leveraged by malware authors to bypass software sandbox technologies, which can simply be within the software program (browser or application sandbox) or at the kernel level.

In the course of conducting our research, Talos found that Apple OSX computers with Intel HD Graphics 3000 GPU units possess a null pointer dereference vulnerability (in version 10.0.0) as presented below:

Read More


tag-icon Горячие метки: яблоко Cisco Talos Talos 0-day proof of concept vulnerability disclosure KASLR bypass

Copyright © 2014-2024 Hi-Network.com | HAILIAN TECHNOLOGY CO., LIMITED | All Rights Reserved.