macOS Kernel Vulnerability CVE-2024-54507: A Ghostly sysctl Overread
2025-01-23

A security researcher uncovered a fascinating vulnerability (CVE-2024-54507) in the XNU kernel of macOS 15.0. The bug resides in the `sysctl_udp_log_port` function, where an integer type confusion leads to a 4-byte read instead of the expected 2-byte read of a `uint16_t` variable, resulting in a 2-byte out-of-bounds read. An attacker could exploit this to read parts of kernel memory; although the leaked contents depend on linker behavior and system configuration, the bug could still expose sensitive data. Apple patched this vulnerability in macOS 15.2 and iOS 18.2.
(jprx.io)
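
The width mismatch described above, modelled in user space as an added example (not XNU source and not Apple's patch): a 2-byte variable is read through a 4-byte path, so the 2 bytes stored next to it come back with the value. The struct, the function names and the sample bytes are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed stand-in for kernel data: a 2-byte port variable followed by
 * 2 bytes of an unrelated neighbour (whatever the linker placed next). */
struct fake_segment {
    uint16_t log_port;
    uint8_t  neighbour[2];
};
static struct fake_segment seg = { 0x1F90, { 0xDE, 0xAD } };

/* Overread pattern: the handler is given the address of a uint16_t but
 * copies an int-sized (4-byte) object out to the caller. */
static int32_t read_port_overread(const void *var)
{
    int32_t out;
    memcpy(&out, var, sizeof out);   /* 2 bytes of port + 2 bytes of neighbour */
    return out;
}

/* Width-correct pattern: load exactly 2 bytes, then widen the value. */
static int32_t read_port_fixed(const uint16_t *var)
{
    return (int32_t)*var;
}

/* Returns 1 if the neighbour's bytes are present in the value handed back. */
static int leaks_neighbour(int32_t value)
{
    unsigned char raw[sizeof value];
    memcpy(raw, &value, sizeof raw);
    for (size_t i = 0; i + 1 < sizeof raw; i++)
        if (raw[i] == seg.neighbour[0] && raw[i + 1] == seg.neighbour[1])
            return 1;
    return 0;
}

int main(void)
{
    int32_t bad  = read_port_overread(&seg);
    int32_t good = read_port_fixed(&seg.log_port);
    printf("overread: 0x%08x leaks=%d\n", (unsigned)bad, leaks_neighbour(bad));
    printf("fixed:    0x%08x leaks=%d\n", (unsigned)good, leaks_neighbour(good));
    return 0;
}
```

In review, the same check applies to any handler that exports a variable: the size used for the copy-out must match the declared type of the variable, not the type the handler helper assumes.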