POC详情: 5f99ea99acc4dad750100010065066ebc4600748

来源
https://github.com/enty8080/MacDirtyCow
关联漏洞
标题: Apple iOS 和 macOS 竞争条件问题漏洞 (CVE-2022-46689)
描述:Apple iOS和Apple macOS都是美国苹果(Apple)公司的产品。Apple iOS是一套为移动设备所开发的操作系统。Apple macOS是一套专为Mac计算机所开发的专用操作系统。 Apple iOS 和 macOS存在竞争条件问题漏洞。目前尚无此漏洞的相关信息,请随时关注CNNVD或厂商公告。
描述
Example of CVE-2022-46689 aka MacDirtyCow.
介绍
# MacDirtyCow

Example of CVE-2022-46689 aka MacDirtyCow.

## What?

MacDirtyCow is a privilege escalation vulnerability in macOS, similar to the Dirty COW vulnerability in Linux. The vulnerability resides in the copy-on-write (COW) mechanism used by macOS's XNU kernel. The vulnerability allows an attacker to modify read-only root-owned files, which could lead to an attacker gaining root privileges on the affected system.

The vulnerability is caused by a race condition in the way macOS's XNU kernel handles copy-on-write (COW) operations on memory pages. When a memory page is marked read-only, but also marked as copy-on-write, the kernel will create a new copy of the page when a write operation is performed on the page. However, there is a small window of time between the read-only page being checked and the new copy being created where an attacker could modify the page in memory, effectively bypassing the read-only restriction.

## PoC

This code (`poc.c`) opens a file specified as a command line argument and maps it into memory using mmap(). It then creates a copy of the file and modifies the memory-mapped copy of the file by filling it with the character 'A'. Finally, the original file is overwritten with the modified copy of the file.
文件快照

 [4.0K]  /data/pocs/5f99ea99acc4dad750100010065066ebc4600748
├── [ 530]  poc.c
└── [1.2K]  README.md

0 directories, 2 files
神龙机器人已为您缓存
备注
    1. 建议优先通过来源进行访问。
    2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
    3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。