gergelykalmanDue to lack of time on my #OBTS talk, here's one of the bugs that didn't make the cut:
"unnamed app sandbox escape", aka CVE-2023-32364
https://gergelykalman.com/CVE-2023-32364-a-macOS-sandbox-escape-by-mounting.html
CVE-2023-32364 - a macOS sandbox escape by mounting
This post is a writeup of CVE-2023-32364, a macOS application sandbox escape bug I found. It was supposed to be unveiled in my upcoming talk: "Unexpected, Unreasonable, Unfixable: Filesystem Attacks on macOS" at OBTS v6, but I needed to cut some bugs out. This is one of them. macOS Sandboxing …