{"uuid": "5f57e054-8779-4da1-814f-44ba6a70a670", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-23536", "type": "exploited", "source": "https://t.me/WARLOCK_DARK_ARMY_OFFICIALS/2772", "content": "\ud83c\udfa9 kfd (kernel file descriptor) is a project to read and write kernel memory on Apple devices. It leverages various vulnerabilities that can be exploited to obtain dangling PTEs, which will be referred to as a PUAF primitive, short for \"physical use-after-free\". Then, it reallocates certain kernel objects inside those physical pages and manipulates them directly from user space through the dangling PTEs in order to achieve a KRKW primitive, short for \"kernel read/write\". The exploit code is fully contained in a library, libkfd, but the project also contains simple executable wrappers for iOS and macOS.\n\n\ud83c\udfa9 CVE-2023-32434 exploitation (XNU 0-day ITW actively exploited)\n\n\ud83c\udfa9 CVE-2023-23536 exploitation", "creation_timestamp": "2023-07-22T09:08:30.000000Z"}