The kernel in Apple Mac OS X prior to 10.9 does not properly determine the output length for SHA-2 digest function calls, which allows context-dependent malicious users to cause a denial of service (panic) by triggering a digest operation, as demonstrated by an IPSec connection.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apple mac os x 10.8.1 |
||
apple mac os x 10.8.2 |
||
apple mac os x 10.8.3 |
||
apple mac os x 10.8.4 |
||
apple mac os x |
||
apple mac os x 10.8.0 |
||
apple mac os x 10.8.5 |