Apple Mac OS X Shared_Region_Make_Private_Np Kernel Function Local Memory Corruption Vulnerability
BID:21349
Info
Apple Mac OS X Shared_Region_Make_Private_Np Kernel Function Local Memory Corruption Vulnerability
| Bugtraq ID: | 21349 |
| Class: | Boundary Condition Error |
| CVE: |
CVE-2006-6173 |
| Remote: | No |
| Local: | Yes |
| Published: | Nov 29 2006 12:00AM |
| Updated: | Mar 14 2007 03:54AM |
| Credit: | LMH <[email protected]> is credited with the discovery of this vulnerability. |
| Vulnerable: |
Apple Mac OS X Server 10.4.8 Apple Mac OS X Server 10.4.7 Apple Mac OS X Server 10.4.6 Apple Mac OS X Server 10.4.5 Apple Mac OS X Server 10.4.4 Apple Mac OS X Server 10.4.3 Apple Mac OS X Server 10.4.2 Apple Mac OS X Server 10.4.1 Apple Mac OS X Server 10.4 Apple Mac OS X 10.4.8 Apple Mac OS X 10.4.7 Apple Mac OS X 10.4.6 Apple Mac OS X 10.4.5 Apple Mac OS X 10.4.4 Apple Mac OS X 10.4.3 Apple Mac OS X 10.4.2 Apple Mac OS X 10.4.1 Apple Mac OS X 10.4 |
| Not Vulnerable: |
Apple Mac OS X Server 10.4.9 Apple Mac OS X 10.4.9 |
Discussion
Apple Mac OS X Shared_Region_Make_Private_Np Kernel Function Local Memory Corruption Vulnerability
Apple Mac OS X is prone to a local memory-corruption vulnerability. This issue occurs when the operating system fails to handle specially crafted arguments to a system call.
Attackers may exploit this issue to cause a kernel panic, effectively denying further service to legitimate users. Due to the nature of this issue, successful exploits may potentially result in the execution of arbitrary machine code in the context of the affected kernel, but this has not been confirmed.
Mac OS X version 10.4.8 is vulnerable to this issue; other versions may also be affected.
Apple Mac OS X is prone to a local memory-corruption vulnerability. This issue occurs when the operating system fails to handle specially crafted arguments to a system call.
Attackers may exploit this issue to cause a kernel panic, effectively denying further service to legitimate users. Due to the nature of this issue, successful exploits may potentially result in the execution of arbitrary machine code in the context of the affected kernel, but this has not been confirmed.
Mac OS X version 10.4.8 is vulnerable to this issue; other versions may also be affected.
Exploit / POC
Apple Mac OS X Shared_Region_Make_Private_Np Kernel Function Local Memory Corruption Vulnerability
The following proof of concept demonstrates this issue.
The following proof of concept demonstrates this issue.
Solution / Fix
Apple Mac OS X Shared_Region_Make_Private_Np Kernel Function Local Memory Corruption Vulnerability
Solution:
The vendor released an advisory and fixes to address this issue. Please see the references for further information.
Apple Mac OS X Server 10.4
Apple Mac OS X 10.4
Apple Mac OS X Server 10.4.1
Apple Mac OS X 10.4.1
Apple Mac OS X 10.4.2
Apple Mac OS X Server 10.4.2
Apple Mac OS X Server 10.4.3
Apple Mac OS X 10.4.3
Apple Mac OS X 10.4.4
Apple Mac OS X Server 10.4.4
Apple Mac OS X Server 10.4.5
Apple Mac OS X 10.4.5
Apple Mac OS X Server 10.4.6
Apple Mac OS X 10.4.6
Apple Mac OS X 10.4.7
Apple Mac OS X Server 10.4.7
Apple Mac OS X Server 10.4.8
Apple Mac OS X 10.4.8
Solution:
The vendor released an advisory and fixes to address this issue. Please see the references for further information.
Apple Mac OS X Server 10.4
-
Apple Mac OS X v10.4.9
http://www.apple.com/support/downloads/
Apple Mac OS X 10.4
-
Apple Mac OS X v10.4.9
http://www.apple.com/support/downloads/
Apple Mac OS X Server 10.4.1
-
Apple Mac OS X v10.4.9
http://www.apple.com/support/downloads/
Apple Mac OS X 10.4.1
-
Apple Mac OS X v10.4.9
http://www.apple.com/support/downloads/
Apple Mac OS X 10.4.2
-
Apple Mac OS X v10.4.9
http://www.apple.com/support/downloads/
Apple Mac OS X Server 10.4.2
-
Apple Mac OS X v10.4.9
http://www.apple.com/support/downloads/
Apple Mac OS X Server 10.4.3
-
Apple Mac OS X v10.4.9
http://www.apple.com/support/downloads/
Apple Mac OS X 10.4.3
-
Apple Mac OS X v10.4.9
http://www.apple.com/support/downloads/
Apple Mac OS X 10.4.4
-
Apple Mac OS X v10.4.9
http://www.apple.com/support/downloads/
Apple Mac OS X Server 10.4.4
-
Apple Mac OS X v10.4.9
http://www.apple.com/support/downloads/
Apple Mac OS X Server 10.4.5
-
Apple Mac OS X v10.4.9
http://www.apple.com/support/downloads/
Apple Mac OS X 10.4.5
-
Apple Mac OS X v10.4.9
http://www.apple.com/support/downloads/
Apple Mac OS X Server 10.4.6
-
Apple Mac OS X v10.4.9
http://www.apple.com/support/downloads/
Apple Mac OS X 10.4.6
-
Apple Mac OS X v10.4.9
http://www.apple.com/support/downloads/
Apple Mac OS X 10.4.7
-
Apple Mac OS X v10.4.9
http://www.apple.com/support/downloads/
Apple Mac OS X Server 10.4.7
-
Apple Mac OS X v10.4.9
http://www.apple.com/support/downloads/
Apple Mac OS X Server 10.4.8
-
Apple Mac OS X v10.4.9
http://www.apple.com/support/downloads/
Apple Mac OS X 10.4.8
-
Apple Mac OS X v10.4.9
http://www.apple.com/support/downloads/
References
Apple Mac OS X Shared_Region_Make_Private_Np Kernel Function Local Memory Corruption Vulnerability
References:
References: