crash.software
Projects
Pull Requests
Issues
Builds
CVE-2022-42864
Code
Files
Commits
Branches
Tags
Pull Requests
Code Comments
Code Compare
Issues
Builds
Statistics
Child Projects
cra.sh
RESTful API
Projects STRLCPY CVE-2022-42864 Commits 3732bfe0
🤬
  • ■ ■ ■ ■
    README.md
    skipped 6 lines
    7 7  The exploit currently achieves the same "arbitrary kfree" primitive used in the multicast_bytecopy exploit. However, the subsequent exploit flow of multicast_bytecopy has been heavily mitigated against, so this is not a complete exploit, it merely demonstrates the severity of the issue.
    8 8   
    9 9  ## Should I run this?
    10  -If you have to ask, no. This does not do anything useful, it just causes a kernel panic.
     10 +If you have to ask, no. This does not do anything useful, it just causes a kernel panic. I do not take responsibility for any data loss or instability this code may cause.
    11 11   
    12 12  ## The bug
    13 13  [Apple's comment](https://github.com/apple-oss-distributions/IOHIDFamily/blob/19666c840a6d896468416ff0007040a10b7b46b8/IOHIDFamily/IOHIDDevice.cpp#L1601) from the source code when this issue was fixed sums this up nicely:
    skipped 160 lines
Please wait...
Page is in error, reload to recover