CVE-2009-1237

Name of the Vulnerable Software and Affected Versions XNU versions 1228.3.13 and earlier Apple Mac OS X versions 10.5.6 and earlier

Description The issue is related to multiple memory leaks that can cause a denial of service due to kernel memory consumption. This can be triggered by a crafted system call, specifically via (1) SYS add profil or (2) SYS mac getfsstat.

Recommendations For XNU versions 1228.3.13 and earlier, consider restricting access to the SYS add profil and SYS mac getfsstat system calls until a patch is available. For Apple Mac OS X versions 10.5.6 and earlier, apply configuration changes to limit the impact of kernel memory consumption. At the moment, there is no information about a newer version that contains a fix for this vulnerability.