![]() In 2016, a flaw in the Linux kernel dubbed Dirt圜OW ( CVE-2016-5195) emerged that could allow root access – another version of the same privilege escalation weakness.įollow on Twitter for the latest computer security news.įollow on Instagram for exclusive pics, gifs, vids and LOLs! It’s not the first time COW has been in the news. #Outset macos updateWe’ll update this issue tracker entry once we have more details.Īpple has yet to comment on the flaw but if you’re a macOS user, there’s no need to panic. Apple is intending to resolve this issue in a future release, and we’re working together to assess the options for a patch. We’ve been in contact with Apple regarding this issue, and at this point no fix is available. Project Zero told Apple about the vulnerability on 30 November 2018 which means that Project Zero’s 90-day deadline for the company to address the issue expired on 28 February.ĭoubtless, Apple has something in the works but either has other things to fix first or doesn’t want to be rushed despite the Google team rating its severity as “high”. #Outset macos macThe obvious objection is that a Mac that has malware on it capable of launching this kind of attack is already in deep trouble even without this somewhat involved technique being in the public domain.īut perhaps that’s to miss the most intriguing aspect of this story – the way Apple has reacted (or not) to Google telling it about the problem. The specific mechanism used in the researchers’ proof-of-exploit involves unmounting and remounting the file system, which apparently generates no warning via the memory management layer. If that related to a privileged process, that might be a route to a privilege escalation capable of interfering with sensitive data. This means that if an attacker can mutate an on-disk file without informing the virtual management subsystem, this is a security bug. Using Bugg圜ow, malware already running on a Mac might be able to tamper with the copy of the data written to the disk in a way that is invisible to the file system: It is important that the copied memory is protected against later modifications by the source process otherwise, the source process might be able to exploit double-reads in the destination process. The principle behind COW is that it provides a way for different processes to efficiently and securely share the same data object in memory until they need to modify it in some way – at that point, they must make their own copy of the data rather than changing the data in memory. ![]() ![]() The vulnerability is in the way macOS implements a memory optimisation and protection routine used by all OS file systems called copy-on-write (COW). Google’s Project Zero researchers have revealed a “high severity” macOS security flaw nicknamed ‘Bugg圜ow’ that Apple appears to be in no rush to patch. ![]()
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |