CVE-2024-27815 PoC — Apple iOS 和 iPadOS 安全漏洞

Source

https://github.com/jprx/CVE-2024-27815

Associated Vulnerability

Title:Apple iOS 和 iPadOS 安全漏洞 (CVE-2024-27815)
Description:Apple iOS和Apple iPadOS都是美国苹果（Apple）公司的产品。Apple iOS是一套为移动设备所开发的操作系统。Apple iPadOS是一套用于iPad平板电脑的操作系统。 Apple iOS 17.5 版本和 iPadOS 17.5 版本存在安全漏洞，该漏洞源于应用程序可能会使用内核权限执行任意代码。

Description

XNU kernel buffer overflow. Introduced in xnu-10002.1.13, fixed in xnu-10063.121.3

Readme

# CVE-2024-27815

XNU kernel buffer overflow. Introduced in `xnu-10002.1.13`, fixed in `xnu-10063.121.3`.

Writeup: https://jprx.io/cve-2024-27815

```bash
gcc TURPENTINE.c -o TURPENTINE
./TURPENTINE
```

### Hash

```bash
$ sha256sum TURPENTINE.c
f7160a6ad7d52f32d64b86cf3006c98a217954d80c3fc71a8f27595e227d0fa0  TURPENTINE.c
```

[Hash posted to X on Feb 17, 2024](https://x.com/0xjprx/status/1758753797441266010)

File Snapshot


 [4.0K]  /data/pocs/2845c1d4f8c489852fa41afd042e46e4da92e20d
├── [ 416]  README.md
└── [2.3K]  TURPENTINE.c

0 directories, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!