VYPR
← All advisories
Unrated severityNVD Advisory· Published Jun 5, 2013· Updated Apr 29, 2026

CVE-2013-3955

CVE-2013-3955

Description

The get_xattrinfo function in the XNU kernel in Apple iOS 5.x and 6.x through 6.1.3 on iPad devices does not properly validate the header of an AppleDouble file, which might allow local users to cause a denial of service (memory corruption) or have unspecified other impact via an invalid file on an msdosfs filesystem.

Affected products

13
  • Apple Inc./iPad
    cpe:2.3:h:apple:ipad:*:*:*:*:*:*:*:*
  • Apple Inc./Ipad2
    cpe:2.3:h:apple:ipad2:-:*:*:*:*:*:*:*
  • Apple Inc./Ipad Mini
    cpe:2.3:h:apple:ipad_mini:-:*:*:*:*:*:*:*
  • Apple Inc./Iphone Os10 versions
    cpe:2.3:o:apple:iphone_os:5.0:*:*:*:*:*:*:*+ 9 more
    • cpe:2.3:o:apple:iphone_os:5.0:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:5.0.1:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:5.1:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:5.1.1:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:6.0:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:6.0.1:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:6.0.2:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:6.1:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:6.1.2:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:6.1.3:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

5

News mentions

0

No linked articles in our index yet.