Toggle menu
Toggle preferences menu
Toggle personal menu
Not logged in
Log in or create an account to edit The Apple Wiki.

weightBufs

From The Apple Wiki

weightBufs is a chain of bugs inside the Apple Neural Engine that achieve kernel read/write primitives on iOS 15.0 - 15.5. It makes use of four vulnerabilities:

  • CVE-2022-32845: aned signature check bypass for model.hwx.
  • CVE-2022-32948: DeCxt::FileIndexToWeight() OOB Read due to lack of array index validation.
  • CVE-2022-42805: ZinComputeProgramUpdateMutables() potential arbitrary read due to Integer overflow issue.
  • CVE-2022-32899: DeCxt::RasterizeScaleBiasData() Buffer underflow due to integer overflow issue.

CVE-2022-32899 affects all versions of iOS 15. The other three CVEs were patched in iOS 15.6.

External Links