Unrated severity · NVD Advisory · Published Oct 23, 2015 · Updated May 6, 2026

CVE-2015-5940

Description

The Accelerate Framework component in Apple iOS before 9.1 and OS X before 10.11.1, when multi-threading is enabled, omits certain validation and locking steps, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

A memory corruption vulnerability in Apple's Accelerate Framework when multi-threading is enabled allows arbitrary code execution via a crafted website.

Vulnerability

A memory corruption issue exists in the Accelerate Framework component of Apple iOS (before 9.1) and OS X (before 10.11.1) when multi-threading is enabled. The framework omits certain validation and locking steps. Affected versions include iOS 9.0 and earlier on iPhone 4s and later, iPod touch (5th gen) and later, iPad 2 and later; and OS X Mavericks v10.9.5, Yosemite v10.10.5, and El Capitan 10.11 on Mac systems [1][2].

Exploitation

An attacker can exploit this vulnerability by enticing a user to visit a maliciously crafted website. No additional authentication or special network position is required beyond the user accessing the site; however, multi-threading must be enabled in the Accelerate Framework. The website delivers crafted content that reaches the code path where the validation and locking steps are missing, leading to memory corruption [1][2].

Impact

Successful exploitation allows the attacker to execute arbitrary code on the targeted device or cause a denial of service (memory corruption). The attacker gains the ability to run code at the privilege level of the user viewing the website, potentially compromising the device and its data [1][2].

Mitigation

Apple addressed the issue in iOS 9.1 (released October 21, 2015) and OS X El Capitan 10.11.1 (released October 21, 2015). Users should update to these versions or later. For OS X Yosemite and Mavericks, the fix is included in Security Update 2015-004 Yosemite and Security Update 2015-007 Mavericks, respectively. No workarounds are provided in the available references [1][2].

AI Insight generated on May 23, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
