Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2009-1236Improper Restriction of Operations within the Bounds of a Memory Buffer in Apple MAC OS X

CWE-119Improper Restriction of Operations within the Bounds of a Memory BufferCWE-476NULL Pointer Dereference7 documents7 sources
Severity
10.0CRITICALNVD
EPSS
5.1%
top 10.21%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
3
Linux KernelApple MAC OS XApple MAC OS X Server
Timeline
PublishedApr 2
Latest updateDec 24

Description

Heap-based buffer overflow in the AppleTalk networking stack in XNU 1228.3.13 and earlier on Apple Mac OS X 10.5.6 and earlier allows remote attackers to cause a denial of service (system crash) via a ZIP NOTIFY (aka ZIPOP_NOTIFY) packet that overwrites a certain ifPort structure member.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages3 packages

NVDapple/mac_os_x10.5.6+54
NVDapple/mac_os_x_server10.5.6+54
Linuxlinux/linux_kernel6.2.06.4.8

🔴Vulnerability Details

3
OSV
iommufd: Set end correctly when doing batch carry2025-12-24
GHSA
GHSA-9p6w-24v2-vpv6: Heap-based buffer overflow in the AppleTalk networking stack in XNU 12282022-05-02
CVEList
CVE-2009-1236: Heap-based buffer overflow in the AppleTalk networking stack in XNU 12282009-04-02

💥Exploits & PoCs

1
Exploit-DB
Apple Mac OSX xnu 1228.3.13 - 'zip-notify' Remote Kernel Overflow (PoC)2009-03-23
CVE-2009-1236 — Apple MAC OS X vulnerability | cvebase