CVE-2014-8822
Description
IOHIDFamily in Apple OS X before 10.10.2 allows attackers to execute arbitrary code in a kernel context or cause a denial of service (write to kernel memory) via a crafted app that calls an unspecified user-client method.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
IOHIDFamily in Apple OS X before 10.10.2 allows local attackers to execute arbitrary code in kernel context via a crafted app calling an unspecified user-client method.
Vulnerability
IOHIDFamily, the kernel extension for Human Interface Devices in Apple OS X, contains a vulnerability in an unspecified user-client method. This issue affects OS X Yosemite versions before 10.10.2. The vulnerability is triggered when a crafted application calls the vulnerable user-client method, leading to a write to kernel memory.
Exploitation
An attacker must have local access to the system and the ability to run a crafted application. The application calls the unspecified user-client method in IOHIDFamily, which results in a write to kernel memory. No additional authentication or privileges are required beyond the ability to execute the app.
Impact
Successful exploitation allows an attacker to execute arbitrary code in kernel context or cause a denial of service by writing to kernel memory. This gives the attacker full control over the system or the ability to crash it.
Mitigation
Apple addressed this vulnerability in OS X Yosemite v10.10.2 and Security Update 2015-001, released on January 27, 2015 [1]. Users should update to the latest version. No workarounds are documented.
AI Insight generated on May 23, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- Range: <10.10.2
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
4News mentions
0No linked articles in our index yet.