CVE-2015-1101

Vulnerability

The kernel in Apple iOS before 8.3, Apple OS X before 10.10.3, and Apple TV before 7.2 contains a memory corruption vulnerability that allows attackers to execute arbitrary code in a privileged context or cause a denial of service. The issue is triggered by a crafted application [1][2][3]. Affected versions are iOS 7.x–8.2, OS X Yosemite 10.10–10.10.2 (and potentially earlier versions), and Apple TV 6.x–7.1.

Exploitation

An attacker must deliver a specially crafted application to the target device. The app exploits the kernel memory corruption when run, with no additional user interaction required beyond launching the app. The vulnerability is reachable from userland without special system access.

Impact

Successful exploitation allows the attacker to execute arbitrary code with kernel (system) privileges, gaining full control over the device. Alternatively, the corruption can be used to cause a denial of service (system crash). The impact includes complete compromise of confidentiality, integrity, and availability of the targeted system.

Mitigation

Apple addressed this vulnerability in iOS 8.3 [1], OS X Yosemite 10.10.3 and Security Update 2015-004 [2], and Apple TV 7.2 [3]. Users should update their devices to the latest available software versions. No workaround is available for unpatched systems.