Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2007-6359Apple MAC OS X vulnerability

CWE-1893 documents3 sources
Severity
4.9MEDIUMNVD
EPSS
0.2%
top 57.64%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Apple MAC OS X
Timeline
PublishedDec 15
Latest updateMay 1

Description

The cs_validate_page function in bsd/kern/ubc_subr.c in the xnu kernel 1228.0 and earlier in Apple Mac OS X 10.5.1 allows local users to cause a denial of service (failed assertion and system crash) via a crafted signed Mach-O binary that causes the hashes function to return NULL.

CVSS vector

AV:L/AC:L/C:N/I:N/A:CExploitability: 3.9 | Impact: 6.9

Affected Packages1 packages

NVDapple/mac_os_x10.5.1

🔴Vulnerability Details

1
GHSA
GHSA-xvg3-58p8-whhm: The cs_validate_page function in bsd/kern/ubc_subr2022-05-01

💥Exploits & PoCs

1
Exploit-DB
Apple Mac OSX xnu 1228.0 - 'super_blob' Local kernel Denial of Service (PoC)2007-12-12