The kernel in Apple OS X through 10.9.2 places a kernel pointer into an XNU object data structure accessible from user space, which makes it easier for local users to bypass the ASLR protection mechanism by reading an unspecified attribute of the object.
Administrators are advised to apply the appropriate updates.
Administrators are advised to allow only trusted users to access local systems.
Administrators are advised to allow only privileged users to access administration or management systems.
To exploit the vulnerability the attacker may need
access to the local system. This access requirement could limit the
likelihood of a successful exploit.
Apple report indicates that this vulnerability has been mitigated by removing the pointer from the object within the updated versions.