Google’s security research team, Project Zero, has found a macOS kernel flaw rated “high security” (via AppleInsider).
A kernel is the core of an operating system. It has complete control over everything and handles stuff like input/output from software, memory, computer accessories, and more. Apple’s kernel is called XNU, and it is used in all of Apple’s operating systems.
The flaw lets a hacker make changes to a file without informing the operating system. It involves something called copy-on-write (COW), a mechanism for passing data between processes in which the data is supposed to be protected from later modification by anything else. The flaw lets that modification happen anyway.
This copy-on-write behavior works not only with anonymous memory, but also with file mappings. This means that, after the destination process has started reading from the transferred memory area, memory pressure can cause the pages holding the transferred memory to be evicted from the page cache. Later, when the evicted pages are needed again, they can be reloaded from the backing filesystem.
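To make the file-mapping case concrete, here is an added example (not from Project Zero's report or Apple's code) that uses an ordinary POSIX `mmap` private mapping of a temporary file. It goes beyond the XNU-specific case and does not reproduce the flaw: it shows which pages of a copy-on-write file mapping are isolated from the backing file and why a receiver that needs a stable view should take its own copy. The function name, struct and temp-file path are assumptions made for the demo.

```c
#ifndef _XOPEN_SOURCE
#define _XOPEN_SOURCE 700   /* expose mkstemp, pread, pwrite */
#endif
#include <stdlib.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

struct cow_result {
    int file_untouched;   /* write through the private mapping never reached the file */
    int copied_page_kept; /* page already copied by COW ignored the later file change */
    int snapshot_kept;    /* heap copy ignored the later file change */
    int clean_page_kept;  /* untouched page vs. changed file: platform-dependent */
};

/* Constructed demo on a temporary file. Returns 0 on success, -1 on setup error. */
int cow_demo(struct cow_result *r)
{
    long ps = sysconf(_SC_PAGESIZE);
    char path[] = "/tmp/cow_demo_XXXXXX", c = 0;
    int fd = mkstemp(path);
    if (fd < 0) return -1;
    unlink(path);                       /* file lives only as long as fd */

    char *buf = malloc(ps), *snap = malloc(ps);
    if (!buf || !snap) return -1;
    memset(buf, 'A', ps);               /* two pages of 'A' in the backing file */
    if (pwrite(fd, buf, ps, 0) != ps || pwrite(fd, buf, ps, ps) != ps) return -1;

    char *m = mmap(NULL, 2 * ps, PROT_READ | PROT_WRITE, MAP_PRIVATE, fd, 0);
    if (m == MAP_FAILED) return -1;

    m[0] = 'B';                         /* first write: kernel copies page 0 */
    memcpy(snap, m + ps, ps);           /* defensive copy of page 1 (read only, no COW) */
    if (pread(fd, &c, 1, 0) != 1) return -1;
    r->file_untouched = (c == 'A');

    memset(buf, 'Z', ps);               /* backing file changes under the mapping */
    if (pwrite(fd, buf, ps, 0) != ps || pwrite(fd, buf, ps, ps) != ps) return -1;

    r->copied_page_kept = (m[0] == 'B' && m[1] == 'A');
    r->snapshot_kept    = (snap[0] == 'A' && snap[ps - 1] == 'A');
    r->clean_page_kept  = (m[ps] == 'A');   /* still file-backed, so may now read 'Z' */

    munmap(m, 2 * ps); free(buf); free(snap); close(fd);
    return 0;
}
```

The first three fields are the ones to rely on; `clean_page_kept` is reported rather than assumed because POSIX leaves it unspecified whether later changes to the file show up in untouched pages of a private mapping.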
Project Zero found the flaw back in November 2018. The team contacted Apple but no fix has been released yet.