Susctl CVE-2024-54507: A particularly 'sus' sysctl in the XNU kernel


A very sus sysctl in the XNU kernel.

Every time Apple releases a new version of XNU, I run a custom suite of tests under an address sanitizer to see if I can spot any regressions, or even possibly new bugs. When writing a SYSCTL_PROC, you are responsible for validating user requests, updating the kernel state, and returning values to userspace. Even though the authors were careful to prevent integer overflows, information leakage was still possible due to the initial 4-byte load.
