XNU NFSSVC Root Check Bypass / Use-After-Free
March 16th, 2023 | ๐
iSpeechXNU NFSSVC suffers from root check bypass and use-after-free vulnerabilities due to insufficient locking in upcall worker threads. Source link
March 16th, 2023 | ๐
iSpeechXNU NFSSVC suffers from root check bypass and use-after-free vulnerabilities due to insufficient locking in upcall worker threads. Source link
February 15th, 2023 | ๐
iSpeech.orgXNU has a race condition leading to use-after-free between the NFSSVC_NFSD command and an upcall worker thread. Source link
January 18th, 2023 | ๐
iSpeechXNU VM suffers from a copy-on-write bypass vulnerability due to incorrect shadow creation logic used during unaligned vm_map_copy operations. Source
January 18th, 2023 | ๐
Text to Speech VoicesA XNU race condition in vm_map_copy_overwrite_unaligned allows writing to read-only mappings. Source link
November 26th, 2022 | ๐
Powered by iSpeechXNU suffers from a dangling PTE entry due to integer truncation when collapsing vm_object shadow chains. Source link
November 26th, 2022 | ๐
TTS DemoXNU suffers from a vm_object use-after-free vulnerability due to invalid error handling in vm_map_enter. Source link
June 21st, 2022 | ๐
https://www.ispeech.orgXNU suffers from a flow divert race condition use-after-free vulnerability. Source link
January 24th, 2022 | ๐
iSpeechThe XNU kernel suffers from a use-after-free vulnerability in mach_msg. Source link
January 7th, 2022 | ๐
https://www.ispeech.org XNU: heap-use-after-free in inm_merge VULNERABILITY DETAILSbsd/netinet/in_mcast.c:```intinp_join_group(struct inpcb *inp, struct sockopt *sopt){...]if (is_new) {if (imo->imo_num_memberships == imo->imo_max_memberships) {error = imo_grow(imo,
July 14th, 2021 | ๐
Powered by iSpeechXNU suffers from a network stack kernel heap overflow due to an out-of-bounds memmove in 6lowpan. Proof of
February 5th, 2021 | ๐
TTS DemoThe XNU kernel suffers from a type confusion vulnerability in turnstiles. Source link
February 5th, 2021 | ๐
https://www.ispeech.orgThe XNU kernel suffers from a memory disclosure vulnerability in mach message trailers. Source link
March 2nd, 2020 | ๐
iSpeech.orgXNU suffers from a use-after-free vulnerability in tcp_input. Source link
Gloss