PT-2009-3780 · Apple · Xnu+1
Mu-B
·
Published
2009-04-02
·
Updated
2017-09-29
·
CVE-2009-1237
CVSS v2.0
4.9
Medium
| Vector | AV:L/AC:L/Au:N/C:N/I:N/A:C |
Name of the Vulnerable Software and Affected Versions
XNU versions 1228.3.13 and earlier
Apple Mac OS X versions 10.5.6 and earlier
Description
The issue is related to multiple memory leaks that can cause a denial of service due to kernel memory consumption. This can be triggered by a crafted system call, specifically via (1)
SYS add profil or (2) SYS mac getfsstat.Recommendations
For XNU versions 1228.3.13 and earlier, consider restricting access to the
SYS add profil and SYS mac getfsstat system calls until a patch is available.
For Apple Mac OS X versions 10.5.6 and earlier, apply configuration changes to limit the impact of kernel memory consumption.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.Exploit
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Macos X
Xnu