The issue was fixed by updating the code to use _asan_memcpy instead. To learn more about the BlackHole bug, see our BlackHole documentation.

CVE-2018-13095

The BlackHole fuzzer in XcodeGhost was found to have a memory corruption issue. When fuzzing a function which accesses memory in the BlackHole sandbox, it was found that the fuzzer would sometimes write a large chunk of data to the same location. This data would overwrite the return address of the fuzzed function. This would cause the fuzzed function to return to the attacker-controlled location, rather than the expected location. To learn more about the BlackHole bug, see our BlackHole documentation.

The issue was resolved by updating the fuzzer function to avoid overwriting the return address.

Mitigation

When running fuzzed code in XcodeGhost, make sure to run it in a separate process with a different uid set.

OSX.DMG.OSXGDRAT

The OSX.DMG.OSXGDRAT issue caused the system to crash when running a process in the background, due to a divide-by-zero error. This issue was addressed by updating the code to avoid this error.
To learn more about the OSX.DMG.OSXGDRAT issue, see our OSX.DMG.OSXGDRAT documentation.

References

- BlackHole documentation
- CVE-2018-13095

Timeline

Published on: 09/21/2022 00:15:00 UTC
Last modified on: 09/22/2022 13:06:00 UTC
