Null pointer dereference

2015-01-3011:59:00

PRIOn knowledge base

www.prio-n.com

7.6 High

AI Score

Confidence

High

0.018 Low

EPSS

Percentile

88.1%

JSON

IOAcceleratorFamily in Apple iOS before 8.1.3, Apple OS X before 10.10.2, and Apple TV before 7.0.3 does not properly handle resource lists and IOService userclient types, which allows attackers to execute arbitrary code or cause a denial of service (NULL pointer dereference) via a crafted app.

CPENameOperatorVersion
iphone_osle8.1.2
mac_os_xle10.10.1
tvosle7.0.1

Name	Operator	Version
iphone_os	le	8.1.2
mac_os_x	le	10.10.1
tvos	le	7.0.1

References

lists.apple.com/archives/security-announce/2015/Jan/msg00000.html

lists.apple.com/archives/security-announce/2015/Jan/msg00001.html

lists.apple.com/archives/security-announce/2015/Jan/msg00003.html

support.apple.com/HT204244

support.apple.com/HT204245

support.apple.com/HT204246