CVE-2020-27904: a tfp0 bug for macOS 10.15.x and below.
Demo exploit code for my talk at Black Hat Asia 2021.
The vulnerability has been fixed in macOS Big Sur 11.0 and in the latest 10.15 and 10.14 security updates.
Use it at your own risk. This will make your macOS panic. I built it for security researchers only.
Get tfp0. Tested on macOS 10.15.2 (19C57), MacBook Pro with 16 GB RAM.
Fix kheap yourself. I left it empty on purpose.
- Almost everything starts from oob_timestamp: Brandon Azad (@_bazad)
GPL-3.0 License
My Twitter: @pattern_F_
English is hard for me...
English is too hard...