Devices affected include those with 64-bit processors and iOS 8: iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad Air 2, iPad mini 2, and iPad mini 3. The researchers noted that the “Darwin Nuke” vulnerability is exploited while processing an IP packet of specific size and with invalid IP options. Remote attackers can execute a DoS (denial of service) attack on a device with OS X 10.10 or iOS 8, sending an incorrect network packet to the target. After processing the invalid network packet, the system crashes. The researchers discovered that the system crashes if the IP packet meets the following conditions:
The size of the IP header is 60 bytes. The size of the IP payload is less than or equal to 65 bytes. The IP options is incorrect (invalid option size, class, etc.)
Anton Ivanov, senior malware analyst at Kaspersky Lab, said: “At first sight, it is very hard to exploit this bug, as the conditions attackers need to meet are not trivial ones, but persistent cyber criminals can do so, breaking down devices or even affecting the activity of corporate networks.” “Routers and firewalls would usually drop incorrect packets with invalid option sizes, but we discovered several combinations of incorrect IP options that are able to pass through the Internet routers. We’d like to warn all OS X 10.10 and iOS 8 users to update devices to OS X 10.10.3 and iOS 8.3 releases.” The researchers have also advised iPhone/iPad and Mac OS X users to use only those web browsers which are repeatedly patched against such flaws and also update their machines and smartphones to the latest OS build. The researchers also said that have a good password management system helps in diffusing the attack along with a good anti-virus.