IOKit in Apple iOS before 7.1.1, Apple OS X through 10.9.2, and Apple TV before 6.1.1 places kernel pointers into an object data structure, which makes it easier for local users to bypass the ASLR protection mechanism by reading unspecified attributes of the object.
2014-04-23T11:52:59.447
2025-04-12T10:46:40.837
Deferred
CVSSv2: 4.9 (MEDIUM)
AV:L/AC:L/Au:N/C:C/I:N/A:N
3.9
6.9
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Operating System | apple | mac_os_x | ≤ 10.9.2 | Yes |
| Operating System | apple | mac_os_x | 10.9 | Yes |
| Operating System | apple | mac_os_x | 10.9.1 | Yes |
| Operating System | apple | iphone_os | ≤ 7.1 | Yes |
| Operating System | apple | iphone_os | 7.0 | Yes |
| Operating System | apple | iphone_os | 7.0.1 | Yes |
| Operating System | apple | iphone_os | 7.0.2 | Yes |
| Operating System | apple | iphone_os | 7.0.3 | Yes |
| Operating System | apple | iphone_os | 7.0.4 | Yes |
| Operating System | apple | iphone_os | 7.0.5 | Yes |
| Operating System | apple | iphone_os | 7.0.6 | Yes |
| Operating System | apple | tvos | ≤ 6.1 | Yes |
| Operating System | apple | tvos | 6.0 | Yes |
| Operating System | apple | tvos | 6.0.1 | Yes |
| Operating System | apple | tvos | 6.0.2 | Yes |