CVE-2016-1757 - Vulnerability Details - OpenCVE

Race condition in the kernel in Apple iOS before 9.3 and OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context via a crafted app.

No CVSS v4.0

No CVSS v3.1

Attack Vector Local

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

This CVE is not in the KEV list.

The EPSS score is 0.54832.

Key SSVC decision points have not yet been added.

Vendors	Products
Apple Subscribe	Iphone Os Subscribe Mac Os X Subscribe

Configuration 1 [-]

OR	cpe:2.3:o:apple:iphone_os::::::::
	cpe:2.3:o:apple:mac_os_x::::::::

No data.

No data.

Advisories

No advisories yet.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html
http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html
http://www.securitytracker.com/id/1035353
https://bugs.chromium.org/p/project-zero/issues/detail?id=676
https://support.apple.com/HT206166
https://support.apple.com/HT206167
https://www.exploit-db.com/exploits/39595/
https://www.exploit-db.com/exploits/39741/

History

No history.

Projects

Sign in to view the affected projects.

MITRE

Status: PUBLISHED

Assigner: apple

Published: 2016-03-24T01:00:00

Updated: 2024-08-05T23:10:38.966Z

Reserved: 2016-01-13T00:00:00

Link: CVE-2016-1757

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2016-03-24T01:59:26.903

Modified: 2025-04-12T10:46:40.837

Link: CVE-2016-1757

Redhat

No data.

OpenCVE Enrichment

No data.

Weaknesses

CWE-362

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2016-03-21T00:00:00", "descriptions": [{"lang": "en", "value": "Race condition in the kernel in Apple iOS before 9.3 and OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context via a crafted app."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2016-11-30T20:57:01", "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple"}, "references": [{"name": "APPLE-SA-2016-03-21-5", "tags": ["vendor-advisory", "x_refsource_APPLE"], "url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html"}, {"name": "39595", "tags": ["exploit", "x_refsource_EXPLOIT-DB"], "url": "https://www.exploit-db.com/exploits/39595/"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://support.apple.com/HT206167"}, {"name": "39741", "tags": ["exploit", "x_refsource_EXPLOIT-DB"], "url": "https://www.exploit-db.com/exploits/39741/"}, {"name": "1035353", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1035353"}, {"name": "APPLE-SA-2016-03-21-1", "tags": ["vendor-advisory", "x_refsource_APPLE"], "url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html"}, {"tags": ["x_refsource_MISC"], "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=676"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://support.apple.com/HT206166"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "product-security@apple.com", "ID": "CVE-2016-1757", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Race condition in the kernel in Apple iOS before 9.3 and OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context via a crafted app."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "APPLE-SA-2016-03-21-5", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html"}, {"name": "39595", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/39595/"}, {"name": "https://support.apple.com/HT206167", "refsource": "CONFIRM", "url": "https://support.apple.com/HT206167"}, {"name": "39741", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/39741/"}, {"name": "1035353", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1035353"}, {"name": "APPLE-SA-2016-03-21-1", "refsource": "APPLE", "url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html"}, {"name": "https://bugs.chromium.org/p/project-zero/issues/detail?id=676", "refsource": "MISC", "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=676"}, {"name": "https://support.apple.com/HT206166", "refsource": "CONFIRM", "url": "https://support.apple.com/HT206166"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T23:10:38.966Z"}, "title": "CVE Program Container", "references": [{"name": "APPLE-SA-2016-03-21-5", "tags": ["vendor-advisory", "x_refsource_APPLE", "x_transferred"], "url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html"}, {"name": "39595", "tags": ["exploit", "x_refsource_EXPLOIT-DB", "x_transferred"], "url": "https://www.exploit-db.com/exploits/39595/"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://support.apple.com/HT206167"}, {"name": "39741", "tags": ["exploit", "x_refsource_EXPLOIT-DB", "x_transferred"], "url": "https://www.exploit-db.com/exploits/39741/"}, {"name": "1035353", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1035353"}, {"name": "APPLE-SA-2016-03-21-1", "tags": ["vendor-advisory", "x_refsource_APPLE", "x_transferred"], "url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=676"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://support.apple.com/HT206166"}]}]}, "cveMetadata": {"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "cveId": "CVE-2016-1757", "datePublished": "2016-03-24T01:00:00", "dateReserved": "2016-01-13T00:00:00", "dateUpdated": "2024-08-05T23:10:38.966Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "matchCriteriaId": "080450EA-85C1-454D-98F9-5286D69CF237", "versionEndIncluding": "9.2.1", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "matchCriteriaId": "D3C6DA6A-9C87-4B7B-A52D-A66276B5DE82", "versionEndIncluding": "10.11.3", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Race condition in the kernel in Apple iOS before 9.3 and OS X before 10.11.4 allows attackers to execute arbitrary code in a privileged context via a crafted app."}, {"lang": "es", "value": "Condici\u00f3n de carrera en el kernel en Apple iOS en versiones anteriores a 9.3 y OS X en versiones anteriores a 10.11.4 permite a atacantes ejecutar c\u00f3gido arbitrario en un contexto privilegiado a trav\u00e9s de una app manipulada."}], "id": "CVE-2016-1757", "lastModified": "2025-04-12T10:46:40.837", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 1.0, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2016-03-24T01:59:26.903", "references": [{"source": "product-security@apple.com", "tags": ["Vendor Advisory"], "url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html"}, {"source": "product-security@apple.com", "tags": ["Vendor Advisory"], "url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html"}, {"source": "product-security@apple.com", "url": "http://www.securitytracker.com/id/1035353"}, {"source": "product-security@apple.com", "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=676"}, {"source": "product-security@apple.com", "tags": ["Vendor Advisory"], "url": "https://support.apple.com/HT206166"}, {"source": "product-security@apple.com", "tags": ["Vendor Advisory"], "url": "https://support.apple.com/HT206167"}, {"source": "product-security@apple.com", "url": "https://www.exploit-db.com/exploits/39595/"}, {"source": "product-security@apple.com", "url": "https://www.exploit-db.com/exploits/39741/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00000.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id/1035353"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=676"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://support.apple.com/HT206166"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://support.apple.com/HT206167"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.exploit-db.com/exploits/39595/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.exploit-db.com/exploits/39741/"}], "sourceIdentifier": "product-security@apple.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-362"}], "source": "nvd@nist.gov", "type": "Primary"}]}