Apple released a security update fixing several Kernel vulnerabilities, which could be exploited by local attackers to obtain elevated privileges or cause a denial of service (DoS).
- Insufficient input validation in the syscall emulation functionality could result in a heap overflow and a local denial of service through a kernel panic.
- SUID/SGID scripts installation could lead to privilege escalation.
- A stack overflow in the semop() system call could lead to a local privilege escalation.
- An integer overflow in the searchfs() system call could allow an unprivileged local user to execute arbitrary code with elevated privileges.
- An unspecified vulnerability in the handling of values passed to the setsockopt() call could allow unprivileged local users to cause a denial of service.
- Insufficient input validation in the nfs_mount() call could allow unprivileged local users to cause a denial of service via a kernel panic.
- An unspecified vulnerability in the parsing of certain executable files could allow unprivileged local users to temporarily suspend system operations.
Credits
Vulnerabilities reported by Dino Dai Zovi, Bruce Murphy, Justin Walker, Robert Stump and Neil Archibald
ChangeLog
2005-04-16 : Initial release
Vulnerability Management
Subscribe to FrSIRT VNS and receive real-time e-mail and SMS alerts when new vulnerabilities, exploits, or patches relevant to your systems and network configurations are available.
Feedback
If you have additional information or corrections for this security advisory please submit them via our contact form or by email to updates@frsirt.com.
French
