Subscribe via feed.
Archive for June, 2016

OS X AppleMuxControl.kext NULL Pointer Dereference

Posted by deepcore under Apple (No Respond)

There is an OS X exploitable kernel NULL pointer dereference in AppleMuxControl.kext.

Tags: , ,

OS X GeForce.kext NULL Pointer Dereference

Posted by deepcore under Apple (No Respond)

There is an OS X exploitable kernel NULL pointer dereference in nvCommandQueue::GetHandleIndex in GeForce.kext.

Tags: , ,

OS X Kernel Raw Cast Out-Of-Bounds Read

Posted by deepcore under Apple (No Respond)

Proof of concept demonstrating an OS X kernel out-of-bounds read of an object pointer due to insufficient checks in raw cast to enum type.

Tags: , ,

OS X IOAudioEngine NULL Pointer Dereference

Posted by deepcore under Apple (No Respond)

There is an OS X exploitable kernel NULL pointer dereference in IOAudioEngine.

Tags: , ,

OS X / iOS Kernel IOHDIXControllerUserClient Use-After-Free

Posted by deepcore under Apple (No Respond)

This is a proof of concept of an OS X / iOS kernel use-after-free racing getProperty on IOHDIXController and testNetBootMethod on IOHDIXControllerUserClient.

Tags: , ,

OS X AppleGraphicsDeviceControl NULL Pointer Dereference

Posted by deepcore under Apple (No Respond)

There is an OS X exploitable kernel NULL pointer dereference in AppleGraphicsDeviceControl.

Tags: , ,

OS X CoreCaptureResponder NULL Pointer Dereference

Posted by deepcore under Apple (No Respond)

There is an OS X exploitable kernel NULL dereference in CoreCaptureResponder due to unchecked return value.

Tags: , ,

[dos] – Android – /system/bin/sdcard Stack Buffer Overflow

Posted by deepcore under Security (No Respond)

Android – /system/bin/sdcard Stack Buffer Overflow

Tags: ,

[dos] – OS X Kernel – Exploitable NULL Pointer Dereference in IOAudioEngine

Posted by deepcore under Security (No Respond)

OS X Kernel – Exploitable NULL Pointer Dereference in IOAudioEngine

Tags: ,

[dos] – OS X Kernel – Exploitable NULL Pointer Dereference in AppleGraphicsDeviceControl

Posted by deepcore under Security (No Respond)

OS X Kernel – Exploitable NULL Pointer Dereference in AppleGraphicsDeviceControl

Tags: ,