Breaking the Sound Barrier Part I: Fuzzing CoreAudio with Mach Messages

Google Project Zero researcher describes discovery and exploitation of a type‑confusion vulnerability in macOS CoreAudio's Mach IPC handlers (com.apple.audio.audiohald) that allowed sandbox escapes and potential arbitrary code execution; the post details the fuzzing harness, reverse engineering, PoC, and Apple patches (CVE‑2024‑54529) shipped in recent macOS updates.