[~]mobilehackerforhire$ hire --now
    cd ../exploit-db
    root@mhfh:~#cat /var/db/exploits/CVE-2022-32893.json
    exploits/CVE-2022-32893.md
    CVE-2022-32893iOSLPECritical

    WebKit OOB write → kernel LPE

    affected
    ≤15.6
    disclosed
    2022-08-17
    discovered
    2022-08-10
    patched
    2022-08-17 (iOS 15.6.1)
    author
    Anonymous
    platform
    iOS

    ## description

    Out-of-bounds write in WebKit allows arbitrary code execution in the renderer; chained with an AppleAVD kernel bug for kernel R/W.

    ## impact

    Renderer RCE chained to kernel compromise. Used in targeted attacks.

    ## mitigation

    iOS 15.6.1+.

    ## proof of concept

    // OOB write primitive
let buf = new Uint8Array(0x100);
for (let i=0;i<0x1000;i++) buf[i]=0x41; // OOB

    ## downloads

    cve-2022-32893-poc.html
    Renderer PoC
    3.8 KB

    ## references