Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Something from Nothing - Exploiting Memory Zeroing in XNU

Objective-See Foundation via YouTube

Start learning Write review
Datacamp Ad

PowerBI Data Analyst - Create visualizations and dashboards from scratch

Learn More Pragmatic Institute Ad

Foundations for Product Management Success

Learn More

Overview

Coursera Flash Sale
40% Off Coursera Plus for 3 Months!
Grab it
Explore a critical security vulnerability in the XNU virtual memory subsystem through this 37-minute conference talk from Objective-See Foundation's OBTS v8.0. Dive deep into virtual memory internals as Google security researcher Ian Beer demonstrates how an attacker can exploit memory zeroing to zero-out read-only memory regions. Follow the complete discovery process, including the numerous dead-ends encountered during exploitation attempts, and witness a successful privilege escalation to root on macOS. Learn about the technical challenges of determining whether seemingly minor system quirks represent genuine security threats, and gain insights into advanced exploitation techniques for Apple's kernel. The presentation includes detailed analysis of the vulnerability's mechanics and provides a comprehensive walkthrough of the exploitation methodology that ultimately achieves system compromise.

Syllabus

#OBTS v8.0: “Something from Nothing - Exploiting Memory Zeroing in XNU” Ian Beer

Taught by

Objective-See Foundation

Reviews

Start your review of Something from Nothing - Exploiting Memory Zeroing in XNU

Start learning

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Sign up for free
Someone learning on their laptop while sitting on the floor.