by quenix 1792 days ago
Can someone ELI5 what this POC actually does? As someone with little experience w/ iOS internals or its kernel, I’m not sure what I’m looking at.

Does it run code as root? Write kernel memory?

1 comment

Initial vulnerability is OOB read, but it can be leveraged to gain arbitrary r/w.

EDIT: source: https://saaramar.github.io/IOMobileFrameBuffer_LPE_POC/

Thanks for the write-up.