CVE-2019-6225

This is a detailed writeup explaining the MIG semantics vulnerability in task_swap_mach_voucher() leading to a use-after-free condition due to incorrect reference counting of ipc_voucher_t objects. The analysis includes code snippets and MIG-generated function behavior.

This is a working proof-of-concept for CVE-2019-6225, an iOS 12.0-12.1.2 jailbreak exploit that achieves tfp0, root access, and sandbox escape. The code includes kernel memory manipulation, task port conversion, and exploit utilities.

This repository contains a README describing a local privilege escalation (LPE) exploit for macOS ≤ 10.14.2 via CVE-2019-6225. The exploit is based on prior work by PsychoTea and is noted to crash the machine on the second run.

This repository contains a functional exploit for CVE-2019-6225, targeting iOS 12.0-12.1.2. It leverages a kernel vulnerability to achieve tfp0 (task_for_pid 0), root access, and sandbox escape, with code for memory manipulation and kernel execution.

This repository contains a functional exploit for CVE-2019-6225, targeting iOS 12. The exploit leverages a use-after-free vulnerability in the IOSurfaceRootUserClient to achieve kernel memory manipulation and arbitrary code execution.

This is a working proof-of-concept exploit for CVE-2019-6225, targeting iOS 12 to achieve local privilege escalation via kernel memory manipulation and fake task port creation. The exploit leverages the IOSurfaceRootUserClient to execute arbitrary kernel code.