Google reveals "high severity" flaw in macOS kernel


Usama Jawad
Neowin @UsamaJawad96

Now, it has exposed a "high severity" flaw in macOS' kernel.

A security researcher from Google's Project Zero has discovered that even though macOS' kernel, XNU, allows copy-on-write (COW) behavior in some cases, it is essential that any copied memory is not available for modifications from the source process. While COW is a resource-management technique that is not inherently flawed, it appears that Apple's implementation of it certainly is.

Project Zero has found out that if a user-owned mounted filesystem image is modified, the virtual management subsystem is not informed of the changes, which means that an attacker can potentially take malicious actions without the mounted filesystem knowing about it. Later, when the evicted pages are needed again, they can be reloaded from the backing filesystem.

This means that if an attacker can mutate an on-disk file without informing the virtual management subsystem, this is a security bug. When a mounted filesystem image is mutated directly (e.g. by calling `pwrite()` on the filesystem image), this information is not propagated into the mounted filesystem.

The researcher informed Apple about the flaw back in November 2018, but the company is yet to fix it even after exceeding the 90-day deadline, which is why the bug is now being made public with a "high severity" label.