CommunityNews

CommunityNews

Get root on macOS 12.3.1: proof-of-concepts for Linus Henze’s CoreTrust and DriverKit bugs (CVE-2022-26766, CVE-2022-26763)

Get root on macOS 12.3.1: proof-of-concepts for Linus Henze’s CoreTrust and DriverKit bugs (CVE-2022-26766, CVE-2022-26763).
Here are two proof-of-concepts for CVE-2022-26766 (CoreTrust allows any root certificate) and CVE-2022-26763 (IOPCIDevice::_MemoryAccess not checking bounds at all), two issues discovered by @LinusHenze and patched in macOS 12.4 / iOS 15.5.

Read in full here:

This thread was posted by one of our members via one of our news source trackers.

Where Next?

Popular Macos topics Top

First poster: bot
Apple sues NSO Group to curb the abuse of state-sponsored spyware. Apple today filed a lawsuit against NSO Group to hold it accountable ...
New
New
First poster: AstonJ
Moving a macOS window by clicking anywhere on it (like on Linux). Today I learned that since macOS High Sierra onwards you can move a wi...
New
First poster: bot
Apple Music has quietly increased the price of its student plan in the United States, Canada and the United Kingdom. In the United States...
New
New
New
First poster: bot
Apple builds new ad empire after kneecapping competitors. The tech giant is ramping up an ad business just as its iPhone privacy policy ...
New
First poster: bot
Cupertino accused of “playing with fire” if it buys data storage components from YMTC.
New
First poster: DevotionGeo
The new Mac Pro chip could double or quadruple the power of the M2 Max. Apple’s expected to launch the new Mac Pro next year.
New
First poster: bot
The UK competition watchdog launches a market investigation into cloud gaming and mobile browsers.
New

Other popular topics Top

siddhant3030
I’m thinking of buying a monitor that I can rotate to use as a vertical monitor? Also, I want to know if someone is using it for program...
New
Margaret
Hello content creators! Happy new year. What tech topics do you think will be the focus of 2021? My vote for one topic is ethics in tech...
New
AstonJ
Seems like a lot of people caught it - just wondered whether any of you did? As far as I know I didn’t, but it wouldn’t surprise me if I...
New
wmnnd
Here’s the story how one of the world’s first production deployments of LiveView came to be - and how trying to improve it almost caused ...
New
mafinar
This is going to be a long an frequently posted thread. While talking to a friend of mine who has taken data structure and algorithm cou...
New
New
PragmaticBookshelf
Author Spotlight: Tammy Coron @Paradox927 Gaming, and writing games in particular, is about passion, vision, experience, and immersio...
New
PragmaticBookshelf
Author Spotlight: Sophie DeBenedetto @SophieDeBenedetto The days of the traditional request-response web application are long gone, b...
New
New
AstonJ
This is a very quick guide, you just need to: Download LM Studio: https://lmstudio.ai/ Click on search Type DeepSeek, then select the o...
New