3 matches found
MacOS/iOS kernel memory corruption due to off-by-one in SIOCGIFORDER socket ioctl (CVE-2017-2474)
SIOCSIFORDER and SIOCGIFORDER allow userspace programs to build and maintain the ifnetorderedhead linked list of interfaces. SIOCSIFORDER clears the existing list and allows userspace to specify an array of interface indexes used to build a new list. SIOCGIFORDER allow userspace to query the list...
CVE-2017-2474
creationtimestamp| type| source ---|---|--- 2017-04-04 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/41793...
CVE-2017-2474
CVE-2017-2474 affects Apple devices (iOS, macOS, tvOS, watchOS) with kernel (XNU) memory corruption via an off-by-one error in the SIOCGIFORDER ioctl. The bug writes one entry beyond the allocated ordered_indices buffer because the loop uses a > comparison instead of >=, causing out-of-boun...