CVE-2017-2483

HIGH

iPhone OS < 10.3, macOS < 10.12.4, tvOS < 10.2, watchOS < 3.2 - Kernel Buffer Overflow via Crafted App

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2017-2483. PoCs published by Google Security Research.

AI-analyzed exploit summary This exploit leverages an off-by-one error in the MacOS kernel's audit_pipe_open function to achieve kernel memory corruption, leading to a root-to-kernel privilege escalation. By manipulating the minor device number and triggering audit message enqueue failures, the PoC corrupts kernel memory structures.

Description

An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "Kernel" component. A buffer overflow allows attackers to execute arbitrary code in a privileged context via a crafted app.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Google Security Research · cdosmacos

https://www.exploit-db.com/exploits/41797

View Code ZIP pw:eip

This exploit leverages an off-by-one error in the MacOS kernel's audit_pipe_open function to achieve kernel memory corruption, leading to a root-to-kernel privilege escalation. By manipulating the minor device number and triggering audit message enqueue failures, the PoC corrupts kernel memory structures.

Classification

Working Poc 100%

Attack Type

Lpe

Complexity

Moderate

Reliability

Reliable

Target: MacOS kernel (tested on 10.12.3)

No auth needed

Prerequisites: Access to create device nodes (mknod) · Root access to enable auditing

MITRE ATT&CK