The fill_pipeinfo function in bsd/kern/sys_pipe.c in the XNU kernel in Apple Mac OS X 10.8.x allows local users to defeat the KASLR protection mechanism via the PROC_PIDFDPIPEINFO option to the proc_info system call for a kernel pipe handle.
References
Configurations
Configuration 1 (hide)
|
Information
Published : 2013-06-05 07:39
Updated : 2013-06-05 21:00
NVD link : CVE-2013-3952
Mitre link : CVE-2013-3952
JSON object : View
CWE
CWE-264
Permissions, Privileges, and Access Controls
Products Affected
apple
- mac_os_x