History of NULL Pointer Dereferences
Technical analysis of NULL Pointer Dereference bugs, mitigations, and exploit development challenges on Apple Silicon macOS.
INTRO
Finding a crash while fuzzing is just the beginning of Vulnerability Research. Afterward, Exploit Development is often a long journey.
Not every bug is exploitable, as in the case study I described previously, Analyzing macOS IONVMeFamily Driver Denial of Service Issue.
Sometimes, I am confident that bugs can be exploited, and then I encounter a series of mitigations implemented by the operating system.
My latest blog post focused on one such mitigation, specifically NULL pointer dereferences. Finding many valuable resources on this topic took a significant amount of time. As a result, I wrote an overview article that summarizes the key points and provides links to these references, making it easier for others seeking answers to similar questions.
Most of my posts will be available this year on the Afine blog. This is just a proxy for my Medium followers, so they do not miss it. The full article is available here: https://afine.com/history-of-null-pointer-dereferences-on-macos/