Google security researchers publicly disclosed the macOS kernel vulnerability.
The Google Project Team found a vulnerability in the macOS kernel that allows an attacker to make changes to a file without macOS being informed.
“copy-on-write (COW) behavior works not only with anonymous memory, but also with file mappings. This means that, after the destination process has started reading from the transferred memory area, memory pressure can cause the pages holding the transferred memory to be evicted from the page cache. Later, when the evicted pages are needed again, they can be reloaded from the backing filesystem.
This means that if an attacker can mutate an on-disk file without informing the virtual management subsystem, this is a security bug.”
“If an attacker can mutate an on-disk file without informing the virtual management subsystem, this is a security bug. MacOS permits normal users to mount filesystem images. When a mounted filesystem image is mutated directly (e.g. by calling pwrite() on the filesystem image), this information is not propagated into the mounted filesystem,” according to the report published on the Chromium project.
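The file-mapping behaviour the report builds on can be observed with an ordinary file. This added example (not code from the Google report or from Apple; the function and flag names are its own and the scratch file is constructed) maps a file copy-on-write, changes the file afterwards, and reports which views still hold the original bytes. It uses a plain pwrite() on the mapped file itself, so it illustrates the general property and not the macOS issue.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

/* Result bits (names are this example's own). */
enum { UNTOUCHED_FOLLOWS_FILE = 1, COPIED_PAGE_STABLE = 2, HEAP_COPY_STABLE = 4 };

/* Maps a constructed two-page scratch file MAP_PRIVATE, changes the file
 * afterwards, and reports which views still hold the original bytes. */
int probe_private_file_mapping(void)
{
    char path[] = "/tmp/cow_demo_XXXXXX";            /* constructed scratch file */
    size_t pg = (size_t)sysconf(_SC_PAGESIZE), len = 2 * pg;
    int result = -1, fd = mkstemp(path);
    if (fd < 0) return -1;
    unlink(path);

    char *fill = malloc(len), *copy = malloc(pg), *map = MAP_FAILED;
    if (!fill || !copy) goto out;
    memset(fill, 'A', len);
    if (pwrite(fd, fill, len, 0) != (ssize_t)len) goto out;

    map = mmap(NULL, len, PROT_READ | PROT_WRITE, MAP_PRIVATE, fd, 0);
    if (map == MAP_FAILED) goto out;
    memcpy(copy, map, pg);   /* defensive copy of page 0 into heap memory */
    map[pg] = 'C';           /* first write to page 1: the kernel copies it */

    /* The backing file changes after the mapping has already been read. */
    if (pwrite(fd, "B", 1, 0) != 1 || pwrite(fd, "B", 1, pg + 1) != 1) goto out;

    result = 0;
    if (map[0] == 'B')      result |= UNTOUCHED_FOLLOWS_FILE; /* still file-backed */
    if (map[pg + 1] == 'A') result |= COPIED_PAGE_STABLE;     /* private copy kept */
    if (copy[0] == 'A')     result |= HEAP_COPY_STABLE;       /* heap copy kept */
out:
    if (map != MAP_FAILED) munmap(map, len);
    free(fill); free(copy); close(fd);
    return result;
}

int main(void)
{
    printf("result bits: %d\n", probe_private_file_mapping());
    return 0;
}
```

POSIX leaves it unspecified whether later file changes show through a MAP_PRIVATE mapping; Linux shows them on pages that have not been copied. Code that validates file-backed data and then uses it should work from its own copy.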
The Google project team originally reported the issue to Apple in November 2018 and, as per company policy, gave a 90-day deadline to patch the vulnerability before it was publicly published. Apple has acknowledged the security flaw and is still working with the Google security team.
“We’ve been in contact with Apple regarding this issue, and at this point no fix is available. Apple are intending to resolve this issue in a future release, and we’re working together to assess the options for a patch,” the Google security researchers explained.
We expect that Apple will fix the flaw soon, in the next macOS version.