PT-2015-6291 · Apple · Mac Efi+1
Mark Seaborn
+2
·
Published
2015-07-03
·
Updated
2016-12-06
·
CVE-2015-3693
CVSS v2.0
9.3
High
| Vector | AV:N/AC:M/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Apple Mac EFI versions before 2015-001
OS X versions prior to 10.10.4
Description
The issue is related to the improper setting of refresh rates for DDR3 RAM, which could facilitate row-hammer attacks. This might allow remote attackers to gain privileges or cause a denial of service due to memory corruption by triggering specific patterns of access to memory locations.
Recommendations
For Apple Mac EFI versions before 2015-001, update to version 2015-001 or later.
For OS X versions prior to 10.10.4, update to OS X 10.10.4 or later.
Exploit
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Mac Efi
Os X