Breaking the Sound Barrier, Part II: Exploiting CVE-2024-54529

CVE-2024-54529 is a type confusion vulnerability (where the code incorrectly assumes an object is a certain type without checking) in Apple's CoreAudio framework that allows attackers to crash the coreaudiod system daemon and potentially hijack control flow by manipulating pointer chains in memory. The vulnerability exists in the com.apple.audio.audiohald Mach service (a macOS inter-process communication system) where message handlers fetch objects without validating their actual type before performing operations on them.