body { -ms-overflow-style: scrollbar; overflow-y: scroll; overscroll-behavior-y: none; } .errorContainer { background-color: #FFF; color: #0F1419; max-width: 600px; margin: 0 auto; padding: 10%; font-family: Helvetica, sans-serif; font-size: 16px; } .errorButton { margin: 3em 0; } .errorButton a { background: #1DA1F2; border-radius: 2.5em; color: white; padding: 1em 2em; text-decoration: none; } .errorButton a:hover, .errorButton a:focus { background: rgb(26, 145, 218); } .errorFooter { color: #657786; font-size: 80%; line-height: 1.5; padding: 1em 0; } .errorFooter a, .errorFooter a:visited { color: #657786; text-decoration: none; padding-right: 1em; } .errorFooter a:hover, .errorFooter a:active { text-decoration: underline; } #placeholder, #react-root { display: none !important; } body { background-color: #FFF !important; }

JavaScript is not available.

We’ve detected that JavaScript is disabled in this browser. Please enable JavaScript or switch to a supported browser to continue using twitter.com. You can see a list of supported browsers in our Help Center.

Terms of Service Privacy Policy Cookie Policy Imprint Ads info © 2023 X Corp.

Conversation

macOS kernel's test for CVE-2022-46689 really works. github.com/apple-oss-dist One thread switches memory between readonly and writable; another tries writing macOS 12.6.2 denies write; macOS 13 beta (22A5266r) prints "RO mapping was modified" (single-file: gist.github.com/zhuowei/6dd5b6)

gist.github.com

vm_unaligned_copy_switch_race.c

GitHub Gist: instantly share code, notes, and snippets.

2

16

63

Actually, there is another type confusion in the unaligned write function in the kernel. Try this one: mach_vm_write(mach_task_self(), printf, printf, 0x8001);

4:03 AM · Dec 17, 2022

4,432

Views

4

Bookmarks

Which CVE was this? Searching online for other issues in the unaligned copy function only brings up a code sign bypass from a long time ago.

1

No CVE.

1

1

6

Show replies