VYPR

XNU

by Apple Inc.

CVEs (4)

  • CVE-2009-1236Apr 2, 2009
    risk 0.04cvss epss 0.08

    Heap-based buffer overflow in the AppleTalk networking stack in XNU 1228.3.13 and earlier on Apple Mac OS X 10.5.6 and earlier allows remote attackers to cause a denial of service (system crash) via a ZIP NOTIFY (aka ZIPOP_NOTIFY) packet that overwrites a certain ifPort…

  • CVE-2009-1237Apr 2, 2009
    risk 0.03cvss epss 0.01

    Multiple memory leaks in XNU 1228.3.13 and earlier on Apple Mac OS X 10.5.6 and earlier allow local users to cause a denial of service (kernel memory consumption) via a crafted (1) SYS_add_profil or (2) SYS___mac_getfsstat system call.

  • CVE-2009-1235Apr 2, 2009
    risk 0.03cvss epss 0.01

    XNU 1228.9.59 and earlier on Apple Mac OS X 10.5.6 and earlier does not properly restrict interaction between user space and the HFS IOCTL handler, which allows local users to overwrite kernel memory and gain privileges by attaching an HFS+ disk image and performing certain…

  • CVE-2007-6359Dec 15, 2007
    risk 0.03cvss epss 0.01

    The cs_validate_page function in bsd/kern/ubc_subr.c in the xnu kernel 1228.0 and earlier in Apple Mac OS X 10.5.1 allows local users to cause a denial of service (failed assertion and system crash) via a crafted signed Mach-O binary that causes the hashes function to return…