macOS Vulnerability CVE-2024-54531 Allows KASLR Bypass
🪲 New attack exposes macOS security flaw, bypassing KASLR on Apple Silicon. Security researchers from Korea University have revealed a vulnerability, tracked as CVE-2024-54531, that allows unprivileged attackers to bypass Kernel Address Space Layout Randomization (KASLR) on macOS running on Apple Silicon processors. Named “SysBumps,” the attack exploits speculative execution vulnerabilities during system calls, achieving a 96.28% success rate in revealing kernel memory layouts. Affected devices include M1, M2, and M3 models running macOS versions 13.1 to 15.1. Apple has released a patch in macOS Sequoia 15.2 to address this issue, and users are urged to update their systems promptly to mitigate potential exploitation risks. The availability of a proof-of-concept exploit raises concerns about targeted attacks in sensitive environments.
