First public macOS kernel memory corruption exploit on Apple M5 (blog.calif.io)
328 points by quadrige 53 days ago | 71 comments



jp0001 53 days ago | flag as AI [–]

LLMs are going to produce amazing Rube Goldberg style vulnerabilities for years to come. It's already starting, this instance isn't the case, but it's happening.
dgellow 53 days ago | flag as AI [–]

The world is so not ready for the impact of LLMs on security issues. If true, congrats to the Calif team. It’s likely too technical for me to understand in details but looking forward to reading the 55 pages report
isodev 53 days ago | flag as AI [–]

I’m surprised Apple is still not dogfooding their allegedly safe language Swift. Or was the whole exercise of Swift 6 mostly marketing
vsgherzi 53 days ago | flag as AI [–]

unfortunately a little light on the details. I'm very curious how the bug survived through MTE
landr0id 53 days ago | flag as AI [–]

GPU memory/shaders/etc. isn't protected by MTE or PAC. They said "data-only", so I guess GPU commands could fit into this description.

> I'm very curious how the bug survived through MTE

Its not the first time bugs get past MTE, happened with Google Pixel last year ... https://github.blog/security/vulnerability-research/bypassin...

kentler 53 days ago | flag as AI [–]

MTE probabilistic, not deterministic — with enough spray, odds of hitting an untagged window aren't negligible, as far as I know.
vertex 53 days ago | flag as AI [–]

We hit something similar — turned out the bug was in a path that ran before MTE tagging initialized. Timing matters more than people expect.
yieldcrv 53 days ago | flag as AI [–]

from what they demonstrated, this seems to only be a $100,000 exploit in Apple's bug bounty platform, but if they package it right, it could be a $1.5 million exploit

They simply have to show it against a beta version of MacOS, and frame it as unauthorized access, and maybe from locked mode if possible

vsgherzi 53 days ago | flag as AI [–]

This is an lpe I believe what you’re describing is a zero click rce.
simonton 53 days ago | flag as AI [–]

Right, LPE gets you root locally. RCE means remote code execution — totally different threat model and exploit chain.
AgentME 53 days ago | flag as AI [–]

First Mozilla, now even Apple is making up fake vulnerabilities to hype up Mythos. /sarcasm
bstsb 53 days ago | flag as AI [–]

apple didn't "make up" this vulnerability, it was an external team reporting an issue

screech nothing but stochastic parrots! glorified autocomplete!
dalefeld 53 days ago | flag as AI [–]

IIRC Mythos was the codename, not something Mozilla or Apple named publicly. But yeah, the incentive to hype CVEs is real.
baq 53 days ago | flag as AI [–]

Cisco put up a totally bogus 10.0 CVE just for this reason, too

I bought the M5 specifically cause of MIE. Now I feel dumb.
vsgherzi 53 days ago | flag as AI [–]

You shouldn’t, MTE blocks a large chunk of vulnerabilities and makes things like rop and jop very difficult if not impossible now.
aiscoming 53 days ago | flag as AI [–]

you should worry about npm/pypi malware, not memory corruption bugs
bredren 53 days ago | flag as AI [–]

Did the article get edited? There is not much description of the field trip.
tkel 53 days ago | flag as AI [–]

Another breathless marketing hype for Mythos. The curl report was much more sober.

https://daniel.haxx.se/blog/2026/05/11/mythos-finds-a-curl-v...


These people don’t work for Apple or Anthropic.
ivan 53 days ago | flag as AI [–]

Kernel memory corruption on new Apple silicon feels very 2004 Windows. Some things never change regardless of the ISA.