docs: document how to fuzz macOS

author: Patrick Meyer <meyerpatrick@google.com> 2021-09-01 14:42:23 +0200
committer: Aleksandr Nogikh <wp32pw@gmail.com> 2021-09-02 12:52:34 +0200
commit: 15cea0a381c6ef9a7b4ffb2770360ce8882274c5 (patch)
tree: 407f9e7009c22576cf00b3e360a0661ec60dba94 /docs/darwin/found_bugs.md
parent: d7126356018141f452c708503c62ba1d90b65067 (diff)
1 files changed, 14 insertions, 0 deletions
diff --git a/docs/darwin/found_bugs.md b/docs/darwin/found_bugs.md
new file mode 100644
index 000000000..43e28eda5
--- /dev/null
+++ b/docs/darwin/found_bugs.md
@@ -0,0 +1,14 @@
+# Found bugs
+
+[panicall](https://twitter.com/panicaII) has ported
+([[1]](https://i.blackhat.com/eu-18/Wed-Dec-5/eu-18-Juwei_Lin-Drill-The-Apple-Core.pdf)
+([video](https://www.youtube.com/watch?v=zDXyH8HxTwg)),
+[[2]](https://conference.hitb.org/hitbsecconf2019ams/materials/D2T2%20-%20PanicXNU%203.0%20-%20Juwei%20Lin%20&%20Junzhi%20Lu.pdf))
+syzkaller to `Darwin/XNU` and that has found more than
+[50 bugs](https://twitter.com/panicaII/status/1070696972326133760) including
+`CVE-2018-4447` and `CVE-2018-4435` mentioned in
+[Apple security updates](https://support.apple.com/en-us/HT209341). However he
+didn't upstream his work.
+
+Since 2021 Syzkaller is able to fuzz macOS, however it's not integrated into
+syzbot for licensing reasons.
+\ No newline at end of file
author	Patrick Meyer <meyerpatrick@google.com>	2021-09-01 14:42:23 +0200
committer	Aleksandr Nogikh <wp32pw@gmail.com>	2021-09-02 12:52:34 +0200
commit	15cea0a381c6ef9a7b4ffb2770360ce8882274c5 (patch)
tree	407f9e7009c22576cf00b3e360a0661ec60dba94 /docs/darwin/found_bugs.md
parent	d7126356018141f452c708503c62ba1d90b65067 (diff)