Interestingly, no kernel vulnerability or anything is mentioned.

As far as I know, any parsing code for iMessages should run within the BlastDoor sandbox – is there another vulnerability in the chain that is not reported here?



One CVE is in Wallet and Citizen Lab mention PassKit. My guess is that BlastDoor deserializes the PassKit payload successfully, then sends it to PassKit which subsequently decodes a malicious image outside of BlastDoor.


Yup. You can just have your crafted webp image (this is the patch for the ImageIO bug: https://chromium.googlesource.com/webm/libwebp/+/902bc919033...) with the .png extension (inside your passkit: https://developer.apple.com/library/archive/documentation/Us...) and you send it to your target.
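The mismatch the comment above describes (a WebP container carried under a .png filename inside a pass bundle) is the kind of thing a defender can detect before any decoder sees the bytes. The following is an added example written for this thread, not code from Apple, Citizen Lab or anyone in the discussion: it treats a .pkpass as the zip archive Apple's PassKit Package Format documentation describes, sniffs each image entry's leading bytes, and reports entries whose real format disagrees with their extension. The sample archive it builds is constructed inline from truncated header stubs (not valid images) purely so the scan runs offline; the signature table covers only the four container formats listed.

```python
import io
import zipfile

# Magic-byte checks for the image containers a pass bundle typically carries.
# Each check looks only at the file header, which is what a dispatcher usually
# trusts when it picks a decoder.
SIGNATURES = {
    "png": lambda b: b[:8] == b"\x89PNG\r\n\x1a\n",
    "jpg": lambda b: b[:3] == b"\xff\xd8\xff",
    "gif": lambda b: b[:6] in (b"GIF87a", b"GIF89a"),
    "webp": lambda b: len(b) >= 12 and b[:4] == b"RIFF" and b[8:12] == b"WEBP",
}


def sniff_format(data):
    """Return the container format implied by the bytes, or None if unrecognised."""
    for name, check in SIGNATURES.items():
        if check(data):
            return name
    return None


def declared_format(filename):
    """Format claimed by the file extension, normalised so 'jpeg' and 'jpg' agree."""
    ext = filename.rsplit(".", 1)[-1].lower() if "." in filename else ""
    return {"jpeg": "jpg"}.get(ext, ext)


def scan_pass(pkpass_bytes):
    """Return (entry name, declared format, sniffed format) for every image entry
    whose bytes do not match its extension. Non-image entries (pass.json,
    manifest.json, signature) are skipped."""
    mismatches = []
    with zipfile.ZipFile(io.BytesIO(pkpass_bytes)) as zf:
        for info in zf.infolist():
            declared = declared_format(info.filename)
            if declared not in SIGNATURES:
                continue
            actual = sniff_format(zf.read(info.filename))
            if actual != declared:
                mismatches.append((info.filename, declared, actual))
    return mismatches


def build_sample_pass():
    """Constructed .pkpass-like archive for the demo: one genuine PNG header and
    one WebP (RIFF/WEBP) header stored under a .png name. The stubs are header
    bytes only, not decodable images."""
    png_stub = b"\x89PNG\r\n\x1a\n" + b"\x00" * 16
    webp_stub = b"RIFF" + (20).to_bytes(4, "little") + b"WEBPVP8 " + b"\x00" * 12
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("pass.json", '{"formatVersion": 1}')
        zf.writestr("icon.png", png_stub)
        zf.writestr("logo.png", webp_stub)
    return buf.getvalue()


if __name__ == "__main__":
    for name, declared, actual in scan_pass(build_sample_pass()):
        print(f"{name}: extension says {declared}, bytes say {actual}")
```

A check like this only guards the dispatch decision (which decoder gets the bytes); it does nothing for a decoder that is itself vulnerable, so it complements rather than replaces patching the image library and keeping the decode inside a sandbox.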


I think you're right but I don't see any detailed information from The Citizen Lab. I expect a lot more information after some embargo timer runs out.

For context, here's another report from them outlining a similar vulnerability: https://citizenlab.ca/2021/08/bahrain-hacks-activists-with-n...


It may be the case that either the kernel vulnerability hasn't been analyzed or fixed yet, or that they were not able to capture it. Many of these exploits have multiple stages and grabbing the later ones is difficult.


Is that still true when you control the source code and compiler? Or just for external researchers?


It’s not that reverse engineering is the challenge but that the exploit likely gets downloaded from a server that isn’t online anymore.


Probably 3 - sandbox escape, being able to launch a process in privileged mode and something that adds to the kernel table of allowed hashes.

But it is totally possible for them to have been able only to identify one of them if they didn't intercept the whole attack.


Image I/O has been mentioned elsewhere. Suspect it's code from that library running in-process that's doing it.



