CVE-2014-8611
Description
The __sflush function in fflush.c in stdio in libc in FreeBSD 10.1 and the kernel in Apple iOS before 9 mishandles failures of the write system call, which allows context-dependent attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow) via a crafted application.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
A heap buffer overflow in FreeBSD 10.1 and Apple iOS before 9, caused by improper handling of write() failures in __sflush(), allows arbitrary code execution via a crafted application.
Vulnerability
The __sflush function in fflush.c in the standard I/O library (libc) of FreeBSD 10.1 and the kernel of Apple iOS before version 9 mishandles failures of the write(2) system call. When a write operation fails, the function erroneously adjusts the buffered stream's internal state as if the write succeeded, leading to an accounting mismatch. This bug is present in FreeBSD 10.1 and iOS versions prior to 9 [1][3].
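The accounting rule described above, as an added example that is not FreeBSD's or Apple's code: a simplified buffered writer in C whose flush keeps the pending-byte count consistent when the write fails. The `obuf` struct, its functions and the constructed failing sink are hypothetical stand-ins for libc's FILE and write(2).

```c
#include <string.h>
#include <sys/types.h>

/* Simplified model of a buffered output stream. Hypothetical names,
 * not libc's FILE or the FreeBSD __sflush source. */
struct obuf {
    unsigned char base[16];              /* buffer storage */
    size_t used;                         /* bytes pending in base[0..used) */
    ssize_t (*wr)(const void *, size_t); /* stand-in for write(2) */
};

/* Constructed sink: accepts 4 bytes on the first call, then always fails. */
static int sink_calls;
ssize_t sink_partial_then_fail(const void *p, size_t n) {
    (void)p;
    if (sink_calls++ == 0)
        return (ssize_t)(n < 4 ? n : 4);
    return -1;
}

/* Flush pending bytes. On failure only the bytes the sink really accepted
 * are dropped; the rest move to the front and `used` matches them. */
int obuf_flush(struct obuf *b) {
    size_t off = 0;
    while (off < b->used) {
        ssize_t n = b->wr(b->base + off, b->used - off);
        if (n <= 0) {                    /* failed: do not count it as written */
            memmove(b->base, b->base + off, b->used - off);
            b->used -= off;
            return -1;
        }
        off += (size_t)n;
    }
    b->used = 0;
    return 0;
}

/* Append n bytes; free space is always derived from the real pending count. */
int obuf_put(struct obuf *b, const void *src, size_t n) {
    if (n > sizeof b->base - b->used)
        (void)obuf_flush(b);             /* try to make room */
    if (n > sizeof b->base - b->used)
        return -1;                       /* still no room: refuse, never overflow */
    memcpy(b->base + b->used, src, n);
    b->used += n;
    return 0;
}
```

The invariant to check in any buffered writer is that the pending count plus the free space always equals the buffer size, including on every error path out of the flush routine.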
Exploitation
An attacker must cause a write system call to fail while a program is using buffered I/O and subsequently calls fflush(). This can be achieved by, for example, filling the filesystem, triggering a network error, or other conditions that cause write() to return an error. The attacker then needs to provide a crafted application that exploits the resulting heap buffer overflow. No authentication or special network position is required if the attacker can execute code or influence the program's environment [3].
Impact
Successful exploitation leads to a heap-based buffer overflow. This can result in data corruption or arbitrary code execution at the privilege level of the calling program. In the context of the kernel (iOS), this could mean kernel-level code execution. Denial of service is also possible [1][3].
Mitigation
FreeBSD released a fix in version 10.1-RELEASE-p1 and later, available via binary patch or source update [3]. Apple addressed the issue in iOS 9 [1]. No workaround is available for FreeBSD. Users should update to the patched versions immediately.
AI Insight generated on May 23, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products (5)
- Range: <9
References (6)
- lists.apple.com/archives/security-announce/2015/Sep/msg00001.html (NVD, Vendor Advisory)
- lists.apple.com/archives/security-announce/2015/Sep/msg00008.html (NVD, Vendor Advisory)
- support.apple.com/HT205212 (NVD, Vendor Advisory)
- support.apple.com/HT205267 (NVD, Vendor Advisory)
- www.freebsd.org/security/advisories/FreeBSD-SA-14:27.stdio.asc (NVD, Vendor Advisory)
- svnweb.freebsd.org/base (NVD)