VYPR
← All advisories
Unrated severityNVD Advisory· Published Sep 19, 2013· Updated Apr 29, 2026

CVE-2013-5155

CVE-2013-5155

Description

The Sandbox subsystem in Apple iOS before 7 allows denial of service via crafted writes to /dev/random.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

The Sandbox subsystem in Apple iOS before 7 allows denial of service via crafted writes to /dev/random.

Vulnerability

The Sandbox subsystem in Apple iOS prior to version 7 contains a flaw that allows an application to cause an infinite loop by writing crafted values to the /dev/random device. This affects all iOS versions before 7, including iPhone 4 and later, iPod touch (5th generation) and later, and iPad 2 and later [1].

Exploitation

An attacker must have the ability to run a malicious or crafted application on the target device. The application writes specifically crafted values to /dev/random, which triggers an infinite loop in the Sandbox subsystem. No additional authentication or network access is required beyond the ability to execute code on the device.

Impact

Successful exploitation results in a denial of service condition, causing the device to become unresponsive due to an infinite loop. This impacts system availability but does not lead to information disclosure or privilege escalation.

Mitigation

Apple addressed this issue in iOS 7, released on September 18, 2013 [1]. Users should update to iOS 7 or later to mitigate the vulnerability. No workarounds are available for earlier versions.

References
  1. About the security content of iOS 7 - Apple Support

AI Insight generated on May 24, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

49
  • Apple Inc./Iphone OS48 versions
    cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*+ 47 more
    • cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*range: <=6.1.4
    • cpe:2.3:o:apple:iphone_os:1.0.0:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:1.0.1:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:1.0.2:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:1.1.0:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:1.1.1:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:1.1.2:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:1.1.3:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:1.1.4:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:1.1.5:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:2.0:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:2.0.0:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:2.0.1:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:2.0.2:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:2.1:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:2.1.1:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:2.2:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:2.2.1:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:3.0:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:3.0.1:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:3.1:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:3.1.2:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:3.1.3:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:3.2:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:3.2.1:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:3.2.2:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:4.0:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:4.0.1:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:4.0.2:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:4.1:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:4.2.1:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:4.2.5:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:4.2.8:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:4.3.0:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:4.3.1:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:4.3.2:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:4.3.3:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:4.3.5:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:5.0:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:5.0.1:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:5.1:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:5.1.1:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:6.0:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:6.0.1:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:6.0.2:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:6.1:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:6.1.2:*:*:*:*:*:*:*
    • cpe:2.3:o:apple:iphone_os:6.1.3:*:*:*:*:*:*:*
  • Apple Inc./iOSllm-fuzzy
    Range: <7.0

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

3

News mentions

0

No linked articles in our index yet.