CVE-2014-1320
Apple iOS < 7.1.1, OS X <= 10.9.2, and tvOS < 6.1.1 - ASLR Bypass via IOKit Kernel Pointer Exposure
Title source: llmDescription
IOKit in Apple iOS before 7.1.1, Apple OS X through 10.9.2, and Apple TV before 6.1.1 places kernel pointers into an object data structure, which makes it easier for local users to bypass the ASLR protection mechanism by reading unspecified attributes of the object.
References (3)
Core 3
Core References
Third Party Advisory vendor-advisory
x_refsource_apple
http://archives.neohapsis.com/archives/bugtraq/2014-04/0134.html
Third Party Advisory vendor-advisory
x_refsource_apple
http://archives.neohapsis.com/archives/bugtraq/2014-04/0136.html
Third Party Advisory vendor-advisory
x_refsource_apple
http://archives.neohapsis.com/archives/bugtraq/2014-04/0135.html
Scores
EPSS
0.0037
EPSS Percentile
28.9%
Details
CWE
CWE-200
Status
published
Products (15)
apple/iphone_os
7.0
apple/iphone_os
7.0.1
apple/iphone_os
7.0.2
apple/iphone_os
7.0.3
apple/iphone_os
7.0.4
apple/iphone_os
7.0.5
apple/iphone_os
7.0.6
apple/iphone_os
< 7.1
apple/mac_os_x
10.9
apple/mac_os_x
10.9.1
... and 5 more
Published
Apr 23, 2014
Tracked Since
Feb 18, 2026