CommunityNews

CommunityNews

Get root on macOS 12.3.1: proof-of-concepts for Linus Henze’s CoreTrust and DriverKit bugs (CVE-2022-26766, CVE-2022-26763)

Get root on macOS 12.3.1: proof-of-concepts for Linus Henze’s CoreTrust and DriverKit bugs (CVE-2022-26766, CVE-2022-26763).
Here are two proof-of-concepts for CVE-2022-26766 (CoreTrust allows any root certificate) and CVE-2022-26763 (IOPCIDevice::_MemoryAccess not checking bounds at all), two issues discovered by @LinusHenze and patched in macOS 12.4 / iOS 15.5.

Read in full here:

This thread was posted by one of our members via one of our news source trackers.

Where Next?

Popular Macos topics Top

First poster: bot
The iPhone 12 announcement might be right around the corner. Tech experts predict Apple will reveal this new line of mobile devices durin...
New
First poster: bot
Introduction to Apple Silicon · AsahiLinux/docs Wiki. Hardware and software docs / wiki. Contribute to AsahiLinux/docs development by cr...
New
New
First poster: bot
Apple’s Private Relay can cause the system to ignore firewall rules - Blog | Mullvad VPN. Apple’s Private Relay (Beta) feature calls hom...
New
First poster: bot
Apple’s macOS Ventura | 7 New Security Changes to Be Aware Of. With macOS 13, Apple have made some bold and potentially disruptive chang...
New
First poster: bot
Process injection: breaking all macOS security layers with a single vulnerability. If you have created a new macOS app with Xcode 13.2, ...
New
First poster: bot
GitHub - koekeishiya/yabai: A tiling window manager for macOS based on binary space partitioning. A tiling window manager for macOS base...
New
New
First poster: bot
FUSE-T. Abstract FUSE-T is a kext-less implementation of FUSE for macOS that uses NFS v4 local server instead of a kernel extension. ...
New
New

Other popular topics Top

Exadra37
Please tell us what is your preferred monitor setup for programming(not gaming) and why you have chosen it. Does your monitor have eye p...
New
New
PragmaticBookshelf
Rust is an exciting new programming language combining the power of C with memory safety, fearless concurrency, and productivity boosters...
New
gagan7995
API 4 Path: /user/following/ Method: GET Description: Returns the list of all names of people whom the user follows Response [ { ...
New
rustkas
Intensively researching Erlang books and additional resources on it, I have found that the topic of using Regular Expressions is either c...
New
PragmaticBookshelf
Build efficient applications that exploit the unique benefits of a pure functional language, learning from an engineer who uses Haskell t...
New
PragmaticBookshelf
Author Spotlight Mike Riley @mriley This month, we turn the spotlight on Mike Riley, author of Portable Python Projects. Mike’s book ...
New
First poster: bot
Large Language Models like ChatGPT say The Darnedest Things. The Errors They MakeWhy We Need to Document Them, and What We Have Decided ...
New
PragmaticBookshelf
Author Spotlight: Sophie DeBenedetto @SophieDeBenedetto The days of the traditional request-response web application are long gone, b...
New
PragmaticBookshelf
Develop, deploy, and debug BEAM applications using BEAMOps: a new paradigm that focuses on scalability, fault tolerance, and owning each ...
New