Due to the fix (see below), the issue was no longer being reported as of Dec 6, 2017. Prior to this update, any code that accessed a DEREF_NONNULL pointer (e.g. a pointer that happens to be NULL) would result in a crash. This potentially affected a number of different situations, including: Accessing a DEREF_NONNULL pointer from a function that is not static. Accessing a DEREF_NONNULL pointer from within an objc_msgSend function. Accessing a DEREF_NONNULL pointer from within an objc_setAssociatedObjective function.

Fixing the issue

The issue was fixed in CVE-2022-3278, which was released on Dec 6, 2017.

Fix

CVE-2022-3278
The vulnerability is caused by an access to a DEREF_NONNULL pointer. This can happen when there is a NULL value in the buffer and the address of the non-NULL value is accessed through that pointer. The crash happens as soon as this happens.

Timeline

Published on: 09/23/2022 22:15:00 UTC
Last modified on: 09/26/2022 16:40:00 UTC

References