A heap buffer overflow vulnerability was found in Apple’s XNU operating system kernel by Kevin Backhouse. An exploit can potentially cause any iOS or macOS device on the same network to reboot, without any user interaction. Apple has classified this as a remote code execution (RCE) vulnerability in the kernel. It may be possible to exploit the buffer overflow to execute arbitrary code in the kernel.
The vulnerability is fixed in iOS 12 and macOS Mojave.
The vulnerability is caused by a heap buffer overflow in the networking code of the XNU kernel. XNU is the kernel developed by Apple and used in both iOS and macOS, hence most iPhones, iPads, and MacBooks are affected.
An attacker merely needs to send a malicious IP packet to the target device’s IP address to trigger this. The vulnerability is triggered only if the attacker is on the same network as the target, which is easy to arrange if you’re using a free WiFi network at a coffee shop. Because the vulnerability is in the kernel, antivirus software cannot protect your device.
The attacker can control the size and content of the heap buffer, which creates the potential for remote code execution on a device.
There are two known mitigations against this kernel vulnerability:
These OS versions and devices are vulnerable:
The kernel vulnerability was reported to Apple by Kevin Backhouse in time for the fix to be rolled out with iOS 12 and macOS Mojave. The vulnerabilities were announced on October 30.
For more details, visit the LGTM website.