NSO is currently crumbling due to an internal all-out war between the owners (in a war between themselves) and the debt owners (who have sided with one of the smaller shareholders).
The majority shareholder is trying to kill off the Pegasus branch by keeping all of the leveraged debt they took on on their side. I have to wonder if this "anonymous researcher" has anything to do with that.
This update also happens to include a bug fix for an actual instruction selection bug in the compiler that miscompiled the Swift runtime libraries for certain devices. So if the security benefits didn’t convince you, consider making some mobile release engineers happy :)
Someone's reported this as https://bugs.swift.org/browse/SR-16047. The bug is that A11 and older processors don't have a CAS instruction, and LLVM's lowering accidentally added xzr to the set of "valid registers" for the replacement instruction sequence. So if you're seeing crashes in MetadataAllocator in iOS 15.4, this is probably going to fix it for you.
Sounds to me like a terrible OS design, to have such arbitrary things as video decoding require a kernel extension. Microsoft moved drivers, such as GPU, to user space, to escape exactly issues like these. This is likely done for the sake of DRM, which is even worse.
But SiDeLoADiNg is what is threatening users’ security.
This is how macOS is designed. macOS has over 100 kexts in a fresh install (IIRC) to keep the main kernel as small and error-free as reasonably possible without being a full microkernel and taking the performance hit that causes. This makes it a hybrid kernel, neither a full microkernel (safety at the cost of performance) nor a monolithic kernel (performance at the cost of safety).
Other hybrid kernels include Windows and BeOS, though on Windows the kernel/extension separation is less clearly defined.
> "Microsoft moved drivers, such as GPU, to user space, to escape exactly issues like these. This is likely done for the sake of DRM, which is even worse."
Heck... NO. Drivers are still in kernel space, as ever. I don't know where you got that impression. Windows isn't a microkernel; it's got plenty of kernel drivers for everything. Only UMDF drivers are userspace, and while there are many of them, none of them are as complex as a GPU. A GPU driver in userspace on Windows would be massively performance-bottlenecked. Microsoft even states in their documentation: "File system drivers, display drivers (for full display devices, not display-only display devices), and print drivers cannot be UMDF drivers."
I don’t understand why you argue with me. Moving to user-space is good. My point is that the direction should be moving to user-space, not tacking more and more onto the kernel, especially for silly things such as DRM.
You realize it's common for PCs to have entire dedicated hardware circuitry for this, right? The HEVC support for Windows 10 depends on hardware support, for instance. And the decoding for 4K Blu-rays is actually being dropped by Intel chips, which means desktop platforms are losing the ability to decide their encryption.
For exactly the reason they have to patch it. For exactly the same reason they are now disallowing custom kernel extensions. Apple engineers are not perfect machines writing perfect code without issues. And so, here we are: a years-in-the-wild exploit in a kernel extension for decoding H.264. Ridiculous.
gzer0's comment is a bit confusing. It could either be interpreted as saying "here's more info about this exact vulnerability" or "here's more info about this category of vulnerabilities". EE84M3i interpreted the comment as the first, but then saw the link is actually the second, and thought maybe EE84M3i made a mistake with the comment.
https://en.globes.co.il/en/article-squabbling-threatens-15b-...
If this was one of Pegasus' main 0days post "FORCEDENTRY" patch, this would make this fight quiet down very quickly