Unrated severityNVD Advisory· Published Oct 9, 2015· Updated May 6, 2026

CVE-2015-5871

Description

IOGraphics in Apple OS X before 10.11 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5872, CVE-2015-5873, and CVE-2015-5890.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

IOGraphics in Apple OS X before 10.11 allows local users to gain privileges or cause denial of service via memory corruption.

Vulnerability

A memory corruption vulnerability exists in the IOGraphics kernel extension of Apple OS X before version 10.11 (El Capitan). The issue affects systems running OS X 10.10.x and earlier. It can be triggered via unspecified vectors, potentially by a local user invoking certain IOGraphics functions.

Exploitation

An attacker must have local access to the system, either as an unprivileged user or with some level of interactive access. The exploitation vector is not publicly disclosed, but it likely involves sending crafted input to the IOGraphics subsystem through system calls or IOConnect methods, leading to memory corruption.

Impact

Successful exploitation allows the attacker to gain elevated privileges (kernel-level access) or cause a denial of service by crashing the kernel. The memory corruption can be used to achieve arbitrary code execution with kernel privileges, leading to full system compromise.

Mitigation

Apple addressed this vulnerability in OS X El Capitan v10.11, released on September 30, 2015 [1]. Users should upgrade to OS X 10.11 or later. No workaround is available for unpatched systems. The vulnerability is not listed on CISA's Known Exploited Vulnerabilities catalog.

References

About the security content of OS X El Capitan v10.11 - Apple Support

AI Insight generated on May 23, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

Apple Inc./Mac Os X
cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
Range: <=10.10.5
Apple Inc./OS Xllm-fuzzy
Range: <10.11

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

lists.apple.com/archives/security-announce/2015/Sep/msg00008.htmlnvdVendor Advisory
www.securitytracker.com/id/1033703nvdThird Party AdvisoryVDB Entry
support.apple.com/HT205267nvdVendor Advisory

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000