CVE-2019-6225 PoC — 多款Apple产品Kernel 缓冲区错误漏洞

Source

https://github.com/TrungNguyen1909/CVE-2019-6225-macOS

Associated Vulnerability

Title:多款Apple产品Kernel 缓冲区错误漏洞 (CVE-2019-6225)
Description:Apple iOS、tvOS和macOS都是美国苹果（Apple）公司的产品。Apple iOS是为移动设备所开发的一套操作系统；tvOS是一套智能电视操作系统；macOS是为Mac计算机所开发的一套专用操作系统。Kernel是其中的一个内核组件。 Apple iOS、tvOS和macOS中的Kernel组件存在安全漏洞。攻击者可借助恶意的应用程序利用该漏洞提升权限（内存损坏）。以下产品和版本受到影响：Apple iOS 12.1.3之前版本；macOS Sierra 10.12.6版本，macOS Hi

Readme

# CVE-2019-6225

Local Privilege Escalation for macOS ≤ 10.14.2 via CVE-2019-6225

Not yet tested on other machines, some hardcoded values might be incorrect.

Does NOT work on machines with SMAP.

It will crash your machine on the second run, no matter how the first run was.

Most of the code are based on PsychoTea/machswap

Special thanks:

	@_bazad, @S0rryMyBad for the bug

	@S1guza for his assistance
	
	@PsychoTea for his code and nice writeup

File Snapshot


 [4.0K]  /data/pocs/f0269cadc2d3171e762dfb5fde6b69e6ddaa3a27
├── [4.6K]  exp.h
├── [ 15K]  exp.m
├── [ 101]  Makefile
└── [ 454]  README.md

0 directories, 4 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!