First published: Fri Sep 18 2015(Updated: )
The __sflush function in fflush.c in stdio in libc in FreeBSD 10.1 and the kernel in Apple iOS before 9 mishandles failures of the write system call, which allows context-dependent attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow) via a crafted application.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Apple iPhone OS | <=8.4.1 | |
FreeBSD FreeBSD | =10.1 | |
Apple Mac OS X | <=10.10.5 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.