Monday, 4 March 2019

Google Project Zero reveals “high severity” flaw in the macOS kernel which grants access to attackers

Google's Project Zero has reported and publicly disclosed a “high severity” flaw in the macOS kernel which can grant an attacker access to a user's computer without their knowledge. Security researchers discovered that if a modification is made to a user-owned mounted filesystem image, the virtual management system isn’t notified of those changes. This lets an attacker perform malicious actions on that mounted filesystem without the end user ever knowing about it.

Google said it disclosed the flaw to Apple back in November 2018. However, since 90 days have passed and Apple has yet to issue a patch, the flaw has been publicly disclosed. Google has labeled the issue as “high severity,” meaning its impact could be fairly large. Apple has since acknowledged the issue and has started working with Google’s Project Zero on a fix. Apple intends to patch the issue in a future macOS release, but no timeline is available on that just yet.

A detailed explanation of the bug: This copy-on-write behavior works not only with anonymous memory, but also with file mappings. This means that, after the destination process has started reading from the transferred memory area, memory pressure can cause the pages holding the transferred memory ...