Link: Apple XNU ICMP Error CVE-2018-4407

CVE-2018-4407 is a kernel RCE caused by a heap buffer overflow affecting multiple apple devices. A patch has been released by Apple, so be sure to update before it is too late. This exploit could potentially allow attackers to run arbitraty code in the kernel. As a proof of concept, Kevin Backhouse, who initially found the vulnerability, has written up a proof-of-concept to show how you can reboot Apple devices without any user interaction. Here is the video:




Tweet This!

Search
Categories
  
Store
Social Media
Donate