Security Advisory

CVE-2014-4496

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2015-01-30 11:00:00

Last updated 2024-08-06 11:20:25

Assigner apple

State PUBLISHED

Description

The mach_port_kobject interface in the kernel in Apple iOS before 8.1.3 and Apple TV before 7.0.3 does not properly restrict kernel-address and heap-permutation information, which makes it easier for attackers to bypass the ASLR protection mechanism via a crafted app.

← Browse all CVEs View on cve.org ↗