Kaspersky Lab has discovered a vulnerability in the kernel of Darwin, an open-source component of both the OS X and iOS operating systems.
This “Darwin Nuke” vulnerability leaves OS X 10.10 and iOS 8 devices exposed to remotely-activated denial of service (DoS) attacks that can damage your device and impact any corporate network to which it is connected.
Kaspersky advised users to update devices to OS X 10.10.3 and iOS 8.3, where this vulnerability has been patched.
Kaspersky Lab said devices affected by the threat include those with 64-bit processors and iOS 8: iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad Air 2, iPad mini 2, and iPad mini 3.
For the “Darwin Nuke” vulnerability to be exploited, an attacker would need to send an Internet Protocol packet of a specific size with invalid IP options.
After processing the invalid network packet, the system will crash.
Kaspersky Lab said its researchers discovered that the system will only crash if the IP packet meets the following conditions:
- The size of the IP header should be 60 bytes.
- The size of the IP payload should be less than or equal to 65 bytes.
- The IP options should be incorrect (invalid option size, class)
“At first sight, it is very hard to exploit this bug, as the conditions attackers need to meet are not trivial ones. However, persistent cybercriminals can do so, breaking down devices or even affecting the activity of corporate networks,” said Anton Ivanov, senior malware analyst at Kaspersky Lab.
“Routers and firewalls would usually drop incorrect packets with invalid option sizes, but we discovered several combinations of incorrect IP options that are able to pass through the Internet routers,” Ivanov added.