Apple · Macos X · CVE-2013-5172
**Name of the Vulnerable Software and Affected Versions**
Mac OS X versions prior to 10.9
**Description**
The issue is related to the kernel in Mac OS X, which does not properly determine the output length for SHA-2 digest function calls. This allows attackers to cause a denial of service (panic) by triggering a digest operation. An example of such an attack is demonstrated by an IPSec connection.
**Recommendations**
For versions prior to 10.9, update to version 10.9 or later to resolve the issue.