Roberto Paleari’s blog: Time to fill OS X (Blue)tooth: Local privilege escalation vulnerabilities in Yosemite

Motivated by our previous findings, we performed some more tests on service IOBluetoothHCIController of the latest version of Mac OS X (Yosemite 10.10.1), and we found five additional security issues. The issues have been reported to Apple Security and, since the deadline we agreed upon with them expired, we now disclose details & PoCs for four of them (the last one was notified few days later and is still under investigation by Apple). All the issues are in class IOBluetoothHCIController, implemented in the IOBluetoothFamily kext (md5e4123caff1b90b81d52d43f9c47fec8f)…..

 

Read More:

Link

Author: WhiteHat News Admin

Share This Post On