562 - Opening userclient type 12 of IOSCSIPeripheralDeviceType00 leads to an exploitable kernel NULL dereference - project-zero

Starred by 1 user

Status:	Fixed
Owner:	ianbeer@google.com
Closed:	Dec 2015
Cc:	project-...@google.com
Id-629636820 Fixed-2015-Dec-08 Finder-ianbeer Deadline-90 CVE-2015-7068 Vendor-Apple Reported-2015-Oct-08 Product-IOKit CCProjectZeroMembers Severity-High

Opening userclient type 12 of IOSCSIPeripheralDeviceType00 leads to an exploitable kernel NULL dereference

Project Member Reported by ianbeer@google.com, Oct 8 2015

Back to list

Opening userclient type 12 of IOSCSIPeripheralDeviceType00 leads to an exploitable kernel NULL dereference.

Tested on OS X 10.11 ElCapitan (15a284) on MacBookAir5,2

scsi_peripheral.c
1.4 KB Download

Project Member Comment 1 by ianbeer@google.com, Oct 8 2015

Labels: Reported-2015-Oct-08 Id-629636820

Project Member Comment 2 by ianbeer@google.com, Dec 20 2015

Labels: CVE-2015-7068 Fixed-2015-Dec-08
Status: Fixed

Apple advisory: https://support.apple.com/en-gb/HT205637

Project Member Comment 3 by ianbeer@google.com, Jan 27 2016

Labels: -Restrict-View-Commit

► Sign in to add a comment