CVE-2023-28206 — Apple iOS, iPadOS, and macOS IOSurfaceAccelerator Out-of-Bounds Write Vulnerability

CVE-2023-28206

Apple IOSurfaceAccelerator — Out-of-Bounds Write → Kernel Code Execution; April 2023 Zero-Day; Chained with CVE-2023-28205 WebKit for Full Device Compromise

What is IOSurfaceAccelerator?

IOSurface is Apple's cross-process framework for sharing GPU-backed memory: it lets the GPU, the display pipeline, and the CPU work on the same large image and video buffers without copying them. IOSurfaceAccelerator is the kernel-side component that performs accelerated operations (transfers, scaling, format conversion) on IOSurface objects, and user space drives it through IOKit user-client calls. That interface is reachable from sandboxed processes that need GPU buffers, including the WebKit content process, so a memory-safety bug in IOSurfaceAccelerator gives user-mode code a way to corrupt kernel memory. That is what makes it a valuable privilege-escalation target in multi-stage exploit chains.

Overview

CVE-2023-28206 is an out-of-bounds write (CWE-787) in IOSurfaceAccelerator that lets an application execute arbitrary code with kernel privileges. Apple fixed it in out-of-band updates on April 7, 2023 (iOS 16.4.1, iPadOS 16.4.1, macOS Ventura 13.3.1) alongside CVE-2023-28205, a WebKit use-after-free. The two issues are widely assessed to have been used together as a single chain: CVE-2023-28205 gains code execution inside the WebKit content-process sandbox from a malicious web page, and CVE-2023-28206 escalates from that sandbox to the kernel. Both CVEs were added to the CISA KEV catalog on April 10, 2023. The S:C (scope changed) component of the CVSS vector reflects that a kernel compromise crosses every security boundary on the device, not just the vulnerable application's. Apple credited Clément Lecigne of Google's Threat Analysis Group (TAG) and Donncha Ó Cearbhaill of Amnesty International's Security Lab with the discovery.

Affected Versions

Product                                              Affected            Fixed
iOS and iPadOS                                       Prior to 16.4.1     16.4.1
iOS and iPadOS (older devices that cannot run 16)    Prior to 15.7.5     15.7.5
macOS Ventura                                        Prior to 13.3.1     13.3.1

Note: Safari itself is not affected by this CVE; the bug is in a kernel component, not in the browser engine. The browser-side stage of the April 2023 chain is tracked separately as CVE-2023-28205.

Technical Details

IOSurfaceAccelerator services requests from user-space processes to perform accelerated operations on shared image buffers. CVE-2023-28206 is an out-of-bounds write (CWE-787): a crafted request makes the component store attacker-influenced data past the end of a kernel-managed buffer. Apple describes the impact as an app being able to execute arbitrary code with kernel privileges, so the bug is reachable from any process that can talk to IOSurfaceAccelerator; in the April 2023 chain that process was the WebKit content process, already running attacker code courtesy of CVE-2023-28205.

A controlled write into kernel memory is the building block for:

  • Corrupting kernel data structures (for example, the calling process's credential or sandbox state) to escalate from the sandboxed WebKit process to kernel privileges
  • Bypassing kernel-enforced checks such as the sandbox profile and entitlement checks
  • Running a post-exploitation payload with kernel privileges: loading a spyware agent, tampering with logging, or changing system configuration

Turning one out-of-bounds write into reliable kernel code execution still means defeating Apple's kernel hardening (pointer authentication on arm64e, read-only kernel text, and related protections), which is why primitives like this tend to appear only in well-resourced, targeted chains. The S:C (scope changed) CVSS metric captures the outcome: exploitation does not stay inside the calling process's sandbox; it compromises the device's whole security model.
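The following is an added illustration of the bug class, not Apple's code (the IOSurfaceAccelerator source is not public) and not a reproduction of CVE-2023-28206. It models a kernel request handler that indexes a fixed-size per-surface table with a value taken directly from a user-space request, next to the hardened form that validates the index first. The slab layout, the `MAX_PLANES` table size, the `set_plane_req` structure, and every field name are hypothetical stand-ins for the general pattern.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdbool.h>
#include <string.h>
#include <stdio.h>

/*
 * Constructed model of a CWE-787 bug in a user-client style request
 * handler. Names, layout and sizes are hypothetical; the point is the
 * missing bounds check and what it lets a caller reach.
 */

#define MAX_PLANES   4u      /* entries in the (hypothetical) per-surface plane table */
#define SLAB_BYTES   64u     /* one small kernel allocation chunk */
#define TABLE_OFF    0u      /* surface A's plane table occupies bytes [0, 16) */
#define NEIGHBOR_OFF 16u     /* a field of the adjacent object B starts at byte 16 */

/* A chunk of kernel memory holding surface A's table followed by object B.
 * Modelled as raw bytes so the out-of-bounds store is observable instead of
 * being undefined behaviour on a C struct. */
typedef struct { uint8_t bytes[SLAB_BYTES]; } kslab_t;

/* Request crossing the user/kernel boundary: every field is attacker-controlled. */
struct set_plane_req {
    uint32_t plane_index;   /* which table entry to set */
    uint32_t offset;        /* value to store there */
};

static void slab_write_u32(kslab_t *s, size_t off, uint32_t v) {
    memcpy(&s->bytes[off], &v, sizeof v);
}

uint32_t slab_read_u32(const kslab_t *s, size_t off) {
    uint32_t v;
    memcpy(&v, &s->bytes[off], sizeof v);
    return v;
}

/* Vulnerable handler: plane_index is never compared against MAX_PLANES, so
 * index 4 lands on object B's field at NEIGHBOR_OFF. (Indices past the slab
 * would overrun the model itself; the demo stays inside the 64 bytes.) */
int set_plane_offset_vulnerable(kslab_t *s, const struct set_plane_req *r) {
    slab_write_u32(s, TABLE_OFF + (size_t)r->plane_index * sizeof(uint32_t), r->offset);  /* CWE-787 */
    return 0;
}

/* Hardened handler: reject before any write happens. The index is unsigned,
 * so a single ">=" check is enough; with a signed index a negative value would
 * pass a "< MAX_PLANES" test and write in front of the table instead. */
int set_plane_offset_hardened(kslab_t *s, const struct set_plane_req *r) {
    if (r->plane_index >= MAX_PLANES)
        return -1;   /* stands in for an IOReturn bad-argument error */
    slab_write_u32(s, TABLE_OFF + (size_t)r->plane_index * sizeof(uint32_t), r->offset);
    return 0;
}

/* Run one request against a zeroed slab and return object B's field afterwards;
 * *rc receives the handler's return code. */
uint32_t neighbor_after_request(bool hardened, uint32_t index, uint32_t value, int *rc) {
    kslab_t slab;
    memset(&slab, 0, sizeof slab);
    struct set_plane_req req = { .plane_index = index, .offset = value };
    *rc = hardened ? set_plane_offset_hardened(&slab, &req)
                   : set_plane_offset_vulnerable(&slab, &req);
    return slab_read_u32(&slab, NEIGHBOR_OFF);
}

int main(void) {
    int rc;
    uint32_t v = neighbor_after_request(false, MAX_PLANES, 0xdeadbeefu, &rc);
    printf("vulnerable: rc=%d neighbour=0x%08x\n", rc, (unsigned)v);   /* neighbour corrupted */
    v = neighbor_after_request(true, MAX_PLANES, 0xdeadbeefu, &rc);
    printf("hardened:   rc=%d neighbour=0x%08x\n", rc, (unsigned)v);   /* rejected, untouched */
    return 0;
}
```

The model keeps the write inside a raw byte slab on purpose: on a real kernel heap the adjacent object is whatever the allocator placed there, and choosing that neighbour (by grooming allocations) is the part of a real exploit that turns a four-byte overwrite into a useful primitive.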

Discovery

Clément Lecigne of Google's Threat Analysis Group (TAG) and Donncha Ó Cearbhaill of Amnesty International's Security Lab reported CVE-2023-28206 to Apple. The same two researchers are credited for CVE-2023-28205, the WebKit stage, which is consistent with both bugs having been recovered from a single exploit chain used to deliver spyware to targeted individuals. Apple's advisory language, "Apple is aware of a report that this issue may have been actively exploited," confirms in-the-wild exploitation before the patch.

Exploitation Context

This CVE is the kernel-escalation stage of the April 2023 Apple zero-day chain. The targeted delivery pattern used by commercial surveillance vendors such as NSO Group and Intellexa (named here to illustrate the pattern, not as attribution of this particular chain) typically proceeds as follows:

  1. The target opens a malicious URL, delivered by iMessage, email, or another lure (the UI:R in the CVSS vector)
  2. The WebKit use-after-free (CVE-2023-28205) runs attacker code inside the content-process sandbox
  3. The IOSurfaceAccelerator out-of-bounds write (CVE-2023-28206) escalates that code to kernel privileges
  4. A spyware payload is loaded with access to messages, contacts, microphone, camera, and location

That the reporters were TAG and Amnesty International's Security Lab, two groups that track commercial surveillance, strongly suggests the chain was used against civil-society targets before Apple shipped the emergency patch. One practical caveat: iOS implants delivered this way frequently avoid on-disk persistence and have to be re-delivered after a reboot, which is why forensic checks for them concentrate on crash logs and process records rather than on installed files.

Remediation

  1. Update iOS/iPadOS to 16.4.1, or to 15.7.5 on devices that cannot run iOS 16 (Settings → General → Software Update).
  2. Update macOS Ventura to 13.3.1 (System Settings → General → Software Update). For managed fleets, confirm the installed version through MDM inventory or `sw_vers -productVersion` rather than trusting that the update was offered.
  3. Turn on automatic updates on all Apple devices; emergency out-of-band fixes like this one ship through the same channel, which shortens the exposure window.
  4. Enable Lockdown Mode for high-risk individuals (journalists, activists, lawyers, human-rights workers). It blocks most message attachment types and disables just-in-time JavaScript compilation and other complex web technologies, removing much of the attack surface a WebKit first stage like CVE-2023-28205 relies on.
  5. Treat unexpected battery drain, cellular data usage, or device heat as weak, noisy signals only. If compromise is suspected, a forensic examination of a device backup or sysdiagnose with Amnesty International's Mobile Verification Toolkit (MVT) is far more reliable than watching battery statistics.

Key Details

Property               Value
CVE ID                 CVE-2023-28206
Vendor / Product       Apple — iOS, iPadOS, and macOS
NVD Published          2023-04-10
NVD Last Modified      2025-10-23
CVSS 3.1 Score         8.6
CVSS 3.1 Vector        CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
Severity               HIGH
CWE                    CWE-787 (Out-of-bounds Write)
CISA KEV Added         2023-04-10
CISA KEV Deadline      2023-05-01
Known Ransomware Use   No

CVSS 3.1 Breakdown

Attack Vector (AV)          Local
Attack Complexity (AC)      Low
Privileges Required (PR)    None
User Interaction (UI)       Required
Scope (S)                   Changed
Confidentiality (C)         High
Integrity (I)               High
Availability (A)            High

AV:L and UI:R describe this bug on its own: it is triggered by code already running locally (an app, or a renderer that attacker code has taken over), and the user action is opening the lure. The remote reachability of the overall chain comes from the WebKit stage, CVE-2023-28205, not from this CVE.

Required Action

CISA BOD 22-01 Deadline: 2023-05-01. Apply updates per vendor instructions.

Timeline

Date          Event
2023-04-07    Apple issues emergency out-of-band security updates iOS 16.4.1, iPadOS 16.4.1, and macOS Ventura 13.3.1, patching CVE-2023-28206 and CVE-2023-28205
2023-04-10    iOS 15.7.5 and iPadOS 15.7.5 ship the same fixes for devices that cannot run iOS 16; NVD publishes both CVEs; CISA adds both to the KEV catalog the same day
2023-05-01    CISA BOD 22-01 remediation deadline