On 2023-12-27 15:25, Wally J wrote:
> I'm shocked. Shocked I say. Shocked.
Shocked that you were wrong about Apple not actually designing silicon?
> Apple hardware. Full of holes? How could this happen?
>
>
https://securitybrief.asia/story/operation-triangulation-undocumented-iphone-hardware-feature-exposed
> "A vulnerability was identified in Apple's System on a Chip (SoC),
> facilitating recent iPhone attacks known as Operation Triangulation.
> This vulnerability, located within the hardware itself, permitted
> attackers to bypass Apple's hardware-based memory protection on
> iPhones running iOS versions up to 16.6. This action allowed attackers
> to gain full control over the device." CVE-2023-38606
Not the full story...
...as always.
>
> Too bad Apple only fully patches one release (and, no... it's not iOS 16).
You have no evidence that Apple won't patch this.
Oh, wait! They already did:
'This issue was addressed with improved state management. This issue is
fixed in macOS Monterey 12.6.8, iOS 15.7.8 and iPadOS 15.7.8, iOS 16.6
and iPadOS 16.6, tvOS 16.6, macOS Big Sur 11.7.9, macOS Ventura 13.5,
watchOS 9.6. An app may be able to modify sensitive kernel state. Apple
is aware of a report that this issue may have been actively exploited
against versions of iOS released before iOS 15.7.1.'
<
https://nvd.nist.gov/vuln/detail/CVE-2023-38606>