Security Advisory

CVE-2013-5172

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2013-10-24 01:00:00

Last updated 2024-09-16 23:10:19

Assigner apple

State PUBLISHED

Description

The kernel in Apple Mac OS X before 10.9 does not properly determine the output length for SHA-2 digest function calls, which allows context-dependent attackers to cause a denial of service (panic) by triggering a digest operation, as demonstrated by an IPSec connection.

← Browse all CVEs View on cve.org ↗