CVE-2015-5891

Vulnerability

A memory corruption vulnerability exists in the SMB implementation of the XNU kernel in Apple OS X before version 10.11 (El Capitan). The exact nature of the flaw is not publicly detailed, but it can be triggered by a local user via unspecified vectors. Affected versions include all OS X releases prior to 10.11.

Exploitation

An attacker must have local access to the system, either through a user account or by already executing code at a lower privilege level. No authentication or special permissions beyond that are required. The exploitation steps are not disclosed in the available references.

Impact

Successful exploitation could allow a local attacker to gain elevated privileges, potentially achieving root-level access, or cause a denial of service through kernel memory corruption. The exact scope of compromise is unspecified.

Mitigation

Apple addressed the vulnerability in OS X El Capitan v10.11, released on September 30, 2015, as documented in the security advisory [1]. No workarounds are available. Users should update to OS X 10.11 or later. There is no indication that this CVE is listed on CISA's Known Exploited Vulnerabilities (KEV) catalog.