Skip to content
/ IOFireWireFamily-null-deref Public

CVE-2017-2388: Null-pointer dereference in IOFireWireFamily.

4 stars 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

bazad/IOFireWireFamily-null-deref

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits

IOFireWireFamily-null-deref.c

IOFireWireFamily-null-deref.c

 
 

Makefile

Makefile

 
 

README.md

README.md

 
 

Repository files navigation

IOFireWireFamily-null-deref

IOFireWireFamily-null-deref is a proof-of-concept exploit for CVE-2017-2388, a NULL pointer derefererence in IOFireWireUserClient that was fixed in macOS Sierra 10.12.4. This vulnerability can be triggered to cause denial of service on devices with a FireWire port.

CVE-2017-2388

The function IOFireWireUserClient::setAsyncRef_IsochChannelForceStop did not check that the parameter inAsyncRef is non-NULL before calling bcopy with inAsyncRef as the source.

License

The IOFireWireFamily-null-deref code is released into the public domain. As a courtesy I ask that if you reference or use any of this code you attribute it to me.

About

CVE-2017-2388: Null-pointer dereference in IOFireWireFamily.

Resources

Readme
Activity

Stars

4 stars

Watchers

3 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Languages