Unrated severityNVD Advisory· Published Sep 19, 2013· Updated Apr 29, 2026

CVE-2011-2391

Description

A remote attacker can cause denial of service via CPU exhaustion by sending crafted ICMPv6 packets to iOS devices running iOS versions prior to 7.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

A remote attacker can cause denial of service via CPU exhaustion by sending crafted ICMPv6 packets to iOS devices running iOS versions prior to 7.

Vulnerability

The IPv6 implementation in the kernel of Apple iOS before version 7 contains a vulnerability that allows remote attackers to cause excessive CPU consumption. The issue is triggered by sending specially crafted ICMPv6 packets to the device. Affected versions include all iOS releases prior to 7 [3].

Exploitation

An attacker with network access to the target device can send a series of crafted ICMPv6 packets. No authentication or user interaction is required. The packets are processed by the kernel's IPv6 stack, leading to high CPU utilization.

Impact

Successful exploitation results in a denial of service condition due to CPU exhaustion, rendering the device unresponsive or severely degraded.

Mitigation

Apple addressed this vulnerability in iOS 7, released on September 18, 2013 [3]. Users should update to iOS 7 or later. No workaround is available for earlier versions.

References

About the security content of iOS 7 - Apple Support

AI Insight generated on May 23, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

Apple Inc./iTunes
cpe:2.3:a:apple:itunes:*:*:*:*:*:*:*:*
Range: <=12.1
Apple Inc./Iphone OS48 versions
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*+ 47 more
- cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*range: <=6.1.4
- cpe:2.3:o:apple:iphone_os:1.0.0:*:*:*:*:*:*:*
- cpe:2.3:o:apple:iphone_os:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:iphone_os:1.0.2:*:*:*:*:*:*:*
- cpe:2.3:o:apple:iphone_os:1.1.0:*:*:*:*:*:*:*
- cpe:2.3:o:apple:iphone_os:1.1.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:iphone_os:1.1.2:*:*:*:*:*:*:*
- cpe:2.3:o:apple:iphone_os:1.1.3:*:*:*:*:*:*:*
- cpe:2.3:o:apple:iphone_os:1.1.4:*:*:*:*:*:*:*
- cpe:2.3:o:apple:iphone_os:1.1.5:*:*:*:*:*:*:*
- cpe:2.3:o:apple:iphone_os:2.0:*:*:*:*:*:*:*
- cpe:2.3:o:apple:iphone_os:2.0.0:*:*:*:*:*:*:*
- cpe:2.3:o:apple:iphone_os:2.0.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:iphone_os:2.0.2:*:*:*:*:*:*:*
- cpe:2.3:o:apple:iphone_os:2.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:iphone_os:2.1.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:iphone_os:2.2:*:*:*:*:*:*:*
- cpe:2.3:o:apple:iphone_os:2.2.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:iphone_os:3.0:*:*:*:*:*:*:*
- cpe:2.3:o:apple:iphone_os:3.0.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:iphone_os:3.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:iphone_os:3.1.2:*:*:*:*:*:*:*
- cpe:2.3:o:apple:iphone_os:3.1.3:*:*:*:*:*:*:*
- cpe:2.3:o:apple:iphone_os:3.2:*:*:*:*:*:*:*
- cpe:2.3:o:apple:iphone_os:3.2.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:iphone_os:3.2.2:*:*:*:*:*:*:*
- cpe:2.3:o:apple:iphone_os:4.0:*:*:*:*:*:*:*
- cpe:2.3:o:apple:iphone_os:4.0.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:iphone_os:4.0.2:*:*:*:*:*:*:*
- cpe:2.3:o:apple:iphone_os:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:iphone_os:4.2.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:iphone_os:4.2.5:*:*:*:*:*:*:*
- cpe:2.3:o:apple:iphone_os:4.2.8:*:*:*:*:*:*:*
- cpe:2.3:o:apple:iphone_os:4.3.0:*:*:*:*:*:*:*
- cpe:2.3:o:apple:iphone_os:4.3.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:iphone_os:4.3.2:*:*:*:*:*:*:*
- cpe:2.3:o:apple:iphone_os:4.3.3:*:*:*:*:*:*:*
- cpe:2.3:o:apple:iphone_os:4.3.5:*:*:*:*:*:*:*
- cpe:2.3:o:apple:iphone_os:5.0:*:*:*:*:*:*:*
- cpe:2.3:o:apple:iphone_os:5.0.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:iphone_os:5.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:iphone_os:5.1.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:iphone_os:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:apple:iphone_os:6.0.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:iphone_os:6.0.2:*:*:*:*:*:*:*
- cpe:2.3:o:apple:iphone_os:6.1:*:*:*:*:*:*:*
- cpe:2.3:o:apple:iphone_os:6.1.2:*:*:*:*:*:*:*
- cpe:2.3:o:apple:iphone_os:6.1.3:*:*:*:*:*:*:*
Apple Inc./Mac OS X
cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
Range: <=10.9.5
Apple Inc./iOSllm-fuzzy
Range: <7

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

lists.apple.com/archives/security-announce/2013/Oct/msg00004.htmlnvdVendor Advisory
lists.apple.com/archives/security-announce/2013/Sep/msg00006.htmlnvdVendor Advisory
lists.apple.com/archives/security-announce/2015/Jan/msg00003.htmlnvdVendor Advisory
support.apple.com/HT204244nvdVendor Advisory
support.apple.com/kb/HT5934nvdVendor Advisory
support.apple.com/kb/HT6535nvdVendor Advisory
archives.neohapsis.com/archives/bugtraq/2014-09/0106.htmlnvd
archives.neohapsis.com/archives/bugtraq/2014-09/0107.htmlnvd
archives.neohapsis.com/archives/bugtraq/2014-10/0101.htmlnvd
osvdb.org/97438nvd
secunia.com/advisories/54886nvd
support.apple.com/kb/HT6441nvd
support.apple.com/kb/HT6442nvd
www.securitytracker.com/id/1029054nvd
exchange.xforce.ibmcloud.com/vulnerabilities/87222nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000