Collaborate Disseminate
Apple has fixed a serious vulnerability in macOS and iOS that could allow hackers to compromise devices over the local network by sending them a single malformed Internet Protocol (IP) packet. The remote code execution flaw, identified as CVE-2018-440… Continue reading Flaw Allows Hacking Macs, iOS Devices with Single Network Packet
Another day, another vulnerability. Discovered by [Kevin Backhouse], CVE-2018-4407 is a particularly serious problem because it is present all throughout Apple’s product line, from the Macbook to the Apple Watch. The flaw is in the XNU kernel shared by all of these products.
This is a buffer overflow issue in the error handling for network packets. The kernel is expecting a fixed length of those packets but doesn’t check to prevent writing past the end of the buffer. The fact Apple’s XNU kernel powers all their products is remarkable, but issues like this are a reminder of the potential downside …read more
Continue reading Apple Kernel Code Vulnerability Affected All Devices