ndrv_setspec() Integer Overflow

From The iPhone Wiki
Revision as of 18:39, 22 September 2011 by Jacob (Will make an attempt at copying over the information in the slides after I sleep. Just wanted to make sure I didn't forget)

The ndrv_setspec() Integer Overflow is a vulnerability found in the iOS kernel. i0n1c used it to build the first publicly released "untethering" exploit that bypassed Apple's ASLR implementation.

Vulnerability

This exploit was presented by i0n1c at Black Hat USA 2011 in his "Exploiting the iOS Kernel" talk, starting at slide 41.