PT-2009-3778 · Apple · Xnu+1
Mu-B
·
Published
2009-04-02
·
Updated
2017-09-29
·
CVE-2009-1235
CVSS v2.0
7.2
High
| Vector | AV:L/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
XNU versions 1228.9.59 and earlier on Apple Mac OS X versions 10.5.6 and earlier
Description
The issue allows local users to overwrite kernel memory and gain privileges by attaching an HFS+ disk image and performing certain steps involving HFS_GET_BOOT_INFO fcntl calls, due to improper restriction of interaction between user space and the HFS IOCTL handler.
Recommendations
For XNU versions 1228.9.59 and earlier on Apple Mac OS X versions 10.5.6 and earlier, consider restricting access to the HFS IOCTL handler as a temporary workaround until a patch is available.
Exploit
Fix
Weakness Enumeration
Related Identifiers
Affected Products
Macos X
Xnu