Release date:
Updated on:
Affected Systems:
Apple Mac OS X
Description:
--------------------------------------------------------------------------------
Bugtraq id: 67023
CVE (CAN) ID: CVE-2014-1322
OS x (formerly Mac OS X) is the latest version of Apple's exclusive operating system developed for Mac tower computers.
The Kernel Pointer group stored in the XNU object in Apple Mac OS X 10.9.2 can be retrieved from the user area to read the Kernel Pointer. This allows you to bypass the kernel address space layout randomization.
<* Source: Ian Beer
Link: http://support.apple.com/kb/HT1222
*>
Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
Apple
-----
Apple has released a Security Bulletin (APPLE-SA-2014-04-22-1) and patches for this:
APPLE-SA-2014-04-22-1: APPLE-SA-2014-04-22-1 Security Update 2014-002
Link: http://support.apple.com/kb/HT1222