Breaking the Sound Barrier, Part II: Exploiting CVE-2024-54529
In the first part of this series, I detailed my journey into macOS security research, which led to the discovery of a type confusion vulnerability ( CVE-2024-54529 ) and a double-free vulnerability ( CVE-2025-31235 ) in the coreaudiod system daemon through a process I call knowledge-driven fuzzing. While the first post focused on …