CVE-2016-1846
CVE-2016-1846
The nvCommandQueue::GetHandleIndex method in the NVIDIA Graphics Drivers subsystem in Apple OS X before 10.11.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (NULL pointer dereference and memory corruption) via a crafted app.
Affected products
n/a · n/apublic PoCs found — 3
cve_referencepacketstormsecurity.com/files/137403/OS-X-GeForce.kext-NULL-Pointer-Dereference.htmlunverifiedcve_referencewww.exploit-db.com/exploits/39920/unverifiedexploitdbwww.exploit-db.com/exploits/39920unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://lists.apple.com/archives/security-announce/2016/May/msg00004.htmlhttp://packetstormsecurity.com/files/137403/OS-X-GeForce.kext-NULL-Pointer-Dereference.htmlhttps://bugs.chromium.org/p/project-zero/issues/detail?id=784https://support.apple.com/HT206567https://www.exploit-db.com/exploits/39920/http://www.securityfocus.com/bid/90696http://www.securitytracker.com/id/1035895