Apple iOS代码签名检查漏洞

CVE ID：CVE-2011-3442 Apple iOS是一款运行在苹果iPhone和iPod touch设备上的最新的操作系统。 mmap系统调用对合法标记组合检查存在逻辑错误，此问题可导致绕过代码签名检查。 Apple iOS 5.x for iPhone 3GS and later Apple iOS for iPod touch 5.x 厂商解决方案 用户可参考如下供应商提供的安全公告获得补丁信息： http://support.apple.com/kb/HT5052...

CVE-2011-3442

The CVE-2011-3442 issue affects Apple iOS prior to 5.0.1, where the kernel’s mmap flag validation can be bypassed, allowing a local attacker to execute unsigned code via a crafted app. The vulnerability stems from a logic error in how the mmap system call checks valid flag combinations, potential...