OSVDB ID: 85627

Title: Apple iOS Kernel Berkeley Packet Filter (BPF) Interpreter Local Memory Disclosure

Info

Disclosure

Sep 20, 2012

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Sep 19, 2012

Description

Apple iOS contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when an error related to the Berkeley Packet Filter (BPF) interpreter occurs in the kernel. With a specially crafted program that uses a BPF interface, a local attacker can gain access to potentially sensitive information related to the layout of the kernel memory.

Classification

Location: Local Access Required
Impact: Loss of Confidentiality
Solution: Upgrade
Exploit: Exploit Private
Disclosure: Vendor Verified, Coordinated Disclosure
OSVDB: Authentication Required

Solution

Upgrade to version 6 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Products

Apple Inc.

Apple iOS

5.1.1

References

Credit

Unknown or Incomplete



Direct URL: http://osvdb.org/85627