VYPR
← All advisories
Unrated severityNVD Advisory· Published Aug 5, 2010· Updated Apr 29, 2026

CVE-2010-2973

CVE-2010-2973

Description

Integer overflow in IOSurface on iOS allows local privilege escalation, as used by the JailbreakMe exploit.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Integer overflow in IOSurface on iOS allows local privilege escalation, as used by the JailbreakMe exploit.

Vulnerability

An integer overflow vulnerability exists in the IOSurface subsystem of Apple iOS. Affected versions include iOS before 4.0.2 on iPhone and iPod touch, and iOS before 3.2.2 on iPad [1][2]. The overflow occurs when handling IOSurface properties, leading to memory corruption.

Exploitation

The vulnerability can be exploited by a local user or via a malicious PDF that triggers the overflow. The JailbreakMe exploit demonstrated this by using a crafted PDF that, when viewed, triggers the IOSurface integer overflow to gain elevated privileges. No authentication is required beyond user interaction [3].

Impact

Successful exploitation allows an attacker to execute arbitrary code with root privileges, resulting in full device compromise. The attacker gains the ability to install unauthorized applications, modify system settings, and access sensitive data.

Mitigation

Apple released iOS 4.0.2 for iPhone and iPod touch and iOS 3.2.2 for iPad to fix this issue [1][2]. Users should update their devices to these versions or later. The vulnerability was publicly exploited in JailbreakMe, highlighting the need for prompt patching.

References
  1. About the security content of the iOS 4.0.2 Update for iPhone and iPod touch - Apple Support
  2. About the security content of the iOS 3.2.2 Update for iPad - Apple Support
  3. OffSec’s Exploit Database Archive

AI Insight generated on May 23, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

7
  • Apple Inc./Iphone OS6 versions
    cpe:2.3:o:apple:iphone_os:4.0:*:*:*:*:*:*:*+ 5 more
    • cpe:2.3:o:apple:iphone_os:4.0:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:4.0.1:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:4.0.1:-:iphone:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:4.0.1:-:ipodtouch:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:4.0:-:iphone:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:4.0:-:ipodtouch:*:*:*:*:*
  • Apple Inc./iOSllm-fuzzy
    Range: before 4.0.2 (iPhone/iPod touch) and before 3.2.2 (iPad)

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

8

News mentions

0

No linked articles in our index yet.