Exclusive News Research Security

EXCLUSIVE : Kaspersky Lab Finds “Darwin Nuke” Vulnerability in OS X and iOS

Share on Facebook
Tweet about this on TwitterShare on Google+Share on StumbleUponShare on LinkedInPin on PinterestShare on Reddit

No matter how close a system is to perfection, it still carries minor flaws that can conceive a large scale devastation if wrongly exposed. Under its thorough study and research, Kaspersky Lab has spotted a vulnerability called “Darwin Nuke” in the kernel of Darwin- an open-source component of both the OS X and iOS operating systems.

As explained by Kaspersky, this loophole opens a sensitive window for hackers to expose and perform remotely-activated denial of service (DoS) attacks that could hold enough potential to carry large scale devastation.

Apple devices running on OS X 10.10 with 64-bit processors and iOS 8: iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad Air 2, iPad mini 2, and iPad mini 3, are all vulnerable to this threat until and unless they are updated to OS X 10.10.3 and iOS 8.3.

Anton Ivanov, Senior Malware Analyst at Kaspersky Lab says,

At first sight, it is very hard to exploit this bug, as the conditions attackers need to meet are not trivial ones. But persistent cybercriminals can do so, breaking down devices or even affecting the activity of corporate networks. Routers and firewalls would usually drop incorrect packets with invalid option sizes, but we discovered several combinations of incorrect IP options that are able to pass through the Internet routers. We’d like to warn all OS X 10.10 and iOS 8 users to update devices to OS X 10.10.3 and iOS 8.3 releases

The “Darwin Nuke” vulnerability is exploited while processing an IP packet of specific size and with invalid IP options. Remote attackers can initiate a DoS (denial of service) attack on a device with OS X 10.10 or iOS 8, sending an incorrect network packet to the target.  After processing the invalid network packet, the system will crash.

Kaspersky Lab’s researchers discovered that the system will crash only if the IP packet meets the following conditions:

  • The size of the IP header should be 60 bytes.
  • The size of the IP payload should be less than or equal to 65 bytes.
  • The IP options should be incorrect (invalid option size, class, etc.)

As a general precaution, we would advise all OS X and iOS users to upgrade their systems to the latest OS X and iOS versions, i.e. OS X 10.10.3 and iOS 8.3 releases. Starting with Kaspersky Internet Security for Mac 15.0, this threat is detected as DoS.OSX.Yosemite.ICMP.Error.exploit.

Senior Writer

Add Comment

Click here to post a comment

Your email address will not be published. Required fields are marked *