Pierluigi Paganini
April 12, 2015
At the end of 2014, security experts at Kaspersky Lab discovered a serious vulnerability in the Darwin kernel. The name “Darvin kernel” is unknown to the majority of the user, but represents an important component for their machines considering that it is an open source component of Apple OS X and iOS.
Every Apple users with OS X 10.10 and iOS 8 is exposed at risk. The Darwin kernel flaw could be exploited to run a DoS (denial of service) attack on vulnerable devices by sending just one incorrect network packet.
“This vulnerability is connected with the processing of an IP packet that has a specific size and invalid IP options. As a result, remote attackers can cause DoS (denial of service) of a device with OS X 10.10 or iOS 8 installed.” is reported by the experts at Kaspersky in a blog post.
The experts explained that there is a flaw in the process of the Darwin kernel that examines IP packet having a specific size and invalid IP options.
Further investigations allowed the researcher to discover that the following devices with 64-bit processors and iOS 8 installed are affected by the Darwin kernel flaw:
In presence of the specifically crafted packed the system tries to handle it and generate a new ICMP packet that could not be contained in the new buffer size allocate by the kernel causing the system shut down in emergency mode.
“This happens because the internal kernel structures have been changed and the new buffer size is insufficient to store a newly-generated ICMP packet. To cause this, the IP packet must satisfy the following criteria:
Below an example of packet that can exploit the flaw in the Darwin kernel component:
How to protect your systems?
Simply update the OS of your devices to the last versions OS X 10.10.3 and iOS 8.3.
(Security Affairs – Darwin kernel, hacking)
