CVE-2006-5836

Darwin Kernel 8.8.1 - Denial of Service via fpathconf Syscall

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2006-5836. PoCs published by ilja van sprundel.

AI-analyzed exploit summary This exploit triggers a local denial-of-service (DoS) in Mac OS X by misusing the `fpathconf` function with a semaphore, causing the kernel to crash. The code is minimal and directly demonstrates the vulnerability.

Description

The fpathconf syscall function in bsd/kern/kern_descrip.c in the Darwin kernel (XNU) 8.8.1 in Apple Mac OS X allows local users to cause a denial of service (kernel panic) and possibly execute arbitrary code via a file descriptor with an unrecognized file type.

Exploits (1)

exploitdb WORKING POC VERIFIED

by ilja van sprundel · cdososx

https://www.exploit-db.com/exploits/28948

View Code ZIP pw:eip

This exploit triggers a local denial-of-service (DoS) in Mac OS X by misusing the `fpathconf` function with a semaphore, causing the kernel to crash. The code is minimal and directly demonstrates the vulnerability.

Classification

Working Poc 90%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: Apple Mac OS X (kernel)

No auth needed

Prerequisites: Local access to the target system

MITRE ATT&CK