Apple Credit Evad3rs on Four Security Fixes in iOS 6.1.3
Posted March 19, 2013 at 6:33pm by iClarified
Apple has acknowledged the evad3rs for discovery of four of the six security issues fixed in iOS 6.1.3, notes MuscleNerd.
Apple gives hat tip to @evad3rs for 4 of the 6 security fixes in 6.1.3 :) http://is.gd/nfspim
dyld
Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later
Impact: A local user may be able to execute unsigned code
Description: A state management issue existed in the handling of Mach-O executable files with overlapping segments. This issue was addressed by refusing to load an executable with overlapping segments.
CVE-ID : CVE-2013-0977 : evad3rs
Kernel
Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later
Impact: A local user may be able to determine the address of structures in the kernel
Description: An information disclosure issue existed in the ARM prefetch abort handler. This issue was addressed by panicking if the prefetch abort handler is not being called from an abort context.
CVE-ID : CVE-2013-0978 : evad3rs
Lockdown
Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later
Impact: A local user may be able to change permissions on arbitrary files
Description: When restoring from backup, lockdownd changed permissions on certain files even if the path to the file included a symbolic link. This issue was addressed by not changing permissions on any file with a symlink in its path.
CVE-ID : CVE-2013-0979 : evad3rs
USB
Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later
Impact: A local user may be able to execute arbitrary code in the kernel
Description: The IOUSBDeviceFamily driver used pipe object pointers that came from userspace. This issue was addressed by performing additional validation of pipe object pointers.
CVE-ID : CVE-2013-0981 : evad3rs
Read More
Apple gives hat tip to @evad3rs for 4 of the 6 security fixes in 6.1.3 :) http://is.gd/nfspim
dyld
Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later
Impact: A local user may be able to execute unsigned code
Description: A state management issue existed in the handling of Mach-O executable files with overlapping segments. This issue was addressed by refusing to load an executable with overlapping segments.
CVE-ID : CVE-2013-0977 : evad3rs
Kernel
Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later
Impact: A local user may be able to determine the address of structures in the kernel
Description: An information disclosure issue existed in the ARM prefetch abort handler. This issue was addressed by panicking if the prefetch abort handler is not being called from an abort context.
CVE-ID : CVE-2013-0978 : evad3rs
Lockdown
Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later
Impact: A local user may be able to change permissions on arbitrary files
Description: When restoring from backup, lockdownd changed permissions on certain files even if the path to the file included a symbolic link. This issue was addressed by not changing permissions on any file with a symlink in its path.
CVE-ID : CVE-2013-0979 : evad3rs
USB
Available for: iPhone 3GS and later, iPod touch (4th generation) and later, iPad 2 and later
Impact: A local user may be able to execute arbitrary code in the kernel
Description: The IOUSBDeviceFamily driver used pipe object pointers that came from userspace. This issue was addressed by performing additional validation of pipe object pointers.
CVE-ID : CVE-2013-0981 : evad3rs
Read More