|
|
|
Vulnerability Note VU#765096Mac OS X kernel "fpathconf()" syscall fails to properly handle unknown file typesOverviewA vulnerability in the Mac OS X kernel could allow an authenticated local attacker to cause a denial of service.I. DescriptionThe fpathconf() system call provides a method for applications to determine the current value of a configurable system limit or option variable associated with a file descriptor. The version of fpathconf() provided with the Apple Mac OS X kernel (XNU) is programmed to panic when it is passed file descriptors associated with types it cannot otherwise handle, such as semaphore descriptors returned by the sem_open() system call for named semaphores.II. ImpactAn authenticated local attacker could cause the affected system to crash due to a kernel panic. This condition results in a denial of service.III. SolutionApply a patch from the vendorApple has published Mac OS X 10.4.9 for Mac OS X 10.4 (Tiger) systems and Security Update 2007-003 for Mac OS X 10.3 (Panther) systems in response to this issue. Users are encouraged to review Apple Support Article ID 305214 and apply the appropriate update for their system.
References
This vulnerability was published by LMH as part of the Month of Kernel Bugs project. Ilja van Sprundel is credited with the discovery of this issue. This document was written by Chad R Dougherty.
If you have feedback, comments, or additional information about this vulnerability, please send us
email. |
||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||
Get Adobe Reader