CVE-2011-3259 — Apple TV vulnerability

CWE-3993 documents3 sources

Severity

5.0MEDIUMNVD

EPSS

1.6%

top 18.50%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Apple TV Apple Iphone OS

Timeline

PublishedOct 14

Latest updateMay 17

Description

The kernel in Apple iOS before 5 and Apple TV before 4.4 does not properly recover memory allocated for incomplete TCP connections, which allows remote attackers to cause a denial of service (resource consumption) by making many connection attempts.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages2 packages

▶NVDapple/apple_tv4 versions+3

▶NVDapple/iphone_os19 versions+18

🔴Vulnerability Details

GHSA

GHSA-2g22-24qq-rqw9: The kernel in Apple iOS before 5 and Apple TV before 4↗2022-05-17

▶

CVEList

CVE-2011-3259: The kernel in Apple iOS before 5 and Apple TV before 4↗2011-10-14

▶