Heap overflow in the necp_client_action syscall
https://blog.grimm-co.com/post/heap-overflow-in-the-necp_client_action-syscall/ [blog.grimm-co.com]
2018-04-07 16:23
The following is a write-up of a heap overflow vulnerability found while fuzzing the macOS necp_client_action syscall. The necp_client_action syscall is part of the Network Extension Control Policy (NECP) kernel subsystem. This bug was first found in the XNU kernel version 4570.1.46 and was patched in the 10.13.4 kernel update (version 4570.51.1). Exercising the bug results in a heap overflow, which can be turned into an information leak and eventually arbitrary code execution in the kernel.
source: HN