CVE-2016-1757

EPSS 12.7%

Race condition in the kernel in Apple iOS before 9.3 and OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context via a crafted app.

Affected products

n/a · n/a

public PoCs found — 5

githubgithub.com/gdbinit/mach_race★ 85 cve_referencewww.exploit-db.com/exploits/39595/unverified cve_referencewww.exploit-db.com/exploits/39741/unverified exploitdbwww.exploit-db.com/exploits/39595unverified exploitdbwww.exploit-db.com/exploits/39741unverified

⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html https://bugs.chromium.org/p/project-zero/issues/detail?id=676 https://support.apple.com/HT206166 https://support.apple.com/HT206167 https://www.exploit-db.com/exploits/39595/https://www.exploit-db.com/exploits/39741/http://www.securitytracker.com/id/1035353