CVE-2014-8611

Name of the Vulnerable Software and Affected Versions FreeBSD version 10.1 Apple iOS versions prior to 9

Description The issue is related to the sflush function in fflush.c in stdio in libc, which mishandles failures of the write system call. This allows context-dependent attackers to execute arbitrary code or cause a denial of service via a crafted application, resulting in a heap-based buffer overflow.

Recommendations For FreeBSD version 10.1, update to a newer version that contains a fix for this issue. For Apple iOS versions prior to 9, update to iOS version 9 or later to resolve the issue.