google-project-zero · Crawled Jul 5, 2026

Breaking the Sound Barrier, Part II: Exploiting CVE-2024-54529

1 IoCs
Read original article ↗

AI Summary

A detailed technical analysis of exploiting CVE-2024-54529, a type confusion vulnerability in macOS's coreaudiod daemon, is presented. The exploit leverages uninitialized memory in the 'ngne' object and a heap manipulation technique using property lists to achieve arbitrary code execution. The attack involves crashing and restarting coreaudiod to reuse heap-sprayed data, ultimately enabling privilege escalation via a ROP chain.

AI-extracted · verify before operational use

Indicators of Compromise 1 extracted

Type Value Detail
Filename com.apple.audio.DeviceSettings.plist Details →