CVE-2013-0978

EUVD-2013-0989
The ARM prefetch abort handler in the kernel in Apple iOS before 6.1.3 and Apple TV before 5.2.1 does not ensure that it has been invoked in an abort context, which makes it easier for local users to bypass the ASLR protection mechanism via crafted code.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
2.1 UNKNOWN
LOCAL
LOW
AV:L/AC:L/Au:N/C:P/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 19%
Affected Products (NVD)
VendorProductVersion
appleiphone_os
𝑥
≤ 6.1.2
appleiphone_os
1.0.0
appleiphone_os
1.0.1
appleiphone_os
1.0.2
appleiphone_os
1.1.0
appleiphone_os
1.1.0
appleiphone_os
1.1.1
appleiphone_os
1.1.2
appleiphone_os
1.1.2
appleiphone_os
1.1.3
appleiphone_os
1.1.3
appleiphone_os
1.1.4
appleiphone_os
1.1.4
appleiphone_os
1.1.5
appleiphone_os
1.1.5
appleiphone_os
2.0
appleiphone_os
2.0.0
appleiphone_os
2.0.0
appleiphone_os
2.0.1
appleiphone_os
2.0.1
appleiphone_os
2.0.2
appleiphone_os
2.0.2
appleiphone_os
2.1
appleiphone_os
2.1
appleiphone_os
2.1.1
appleiphone_os
2.2
appleiphone_os
2.2
appleiphone_os
2.2.1
appleiphone_os
2.2.1
appleiphone_os
3.0
appleiphone_os
3.0
appleiphone_os
3.0.1
appleiphone_os
3.0.1
appleiphone_os
3.1
appleiphone_os
3.1
appleiphone_os
3.1.2
appleiphone_os
3.1.2
appleiphone_os
3.1.3
appleiphone_os
3.1.3
appleiphone_os
3.2
appleiphone_os
3.2
appleiphone_os
3.2.1
appleiphone_os
3.2.1
appleiphone_os
3.2.2
appleiphone_os
4.0
appleiphone_os
4.0
appleiphone_os
4.0.1
appleiphone_os
4.0.1
appleiphone_os
4.0.2
appleiphone_os
4.1
appleiphone_os
4.2.1
appleiphone_os
4.2.5
appleiphone_os
4.2.8
appleiphone_os
4.3.0
appleiphone_os
4.3.1
appleiphone_os
4.3.2
appleiphone_os
4.3.3
appleiphone_os
4.3.5
appleiphone_os
4.3.5
appleiphone_os
4.3.5
appleiphone_os
5.0
appleiphone_os
5.0
appleiphone_os
5.0
appleiphone_os
5.0.1
appleiphone_os
5.0.1
appleiphone_os
5.0.1
appleiphone_os
5.1
appleiphone_os
5.1.1
appleiphone_os
6.0
appleiphone_os
6.0.1
appleiphone_os
6.0.2
appleiphone_os
6.1
appletvos
𝑥
≤ 5.2.0
appletvos
1.0.0
appletvos
1.1.0
appletvos
2.0.0
appletvos
2.0.1
appletvos
2.0.2
appletvos
2.1.0
appletvos
2.2.0
appletvos
2.3.0
appletvos
2.3.1
appletvos
2.4.0
appletvos
3.0.0
appletvos
3.0.1
appletvos
3.0.2
appletvos
4.1.0
appletvos
4.1.1
appletvos
4.2.0
appletvos
4.2.1
appletvos
4.2.2
appletvos
4.3.0
appletvos
4.4.0
appletvos
4.4.2
appletvos
4.4.3
appletvos
4.4.4
appletvos
5.0.0
appletvos
5.0.1
appletvos
5.0.2
appletvos
5.1.0
appletvos
5.1.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://lists.apple.com/archives/security-announce/2013/Mar/msg00004.html
http://lists.apple.com/archives/security-announce/2013/Mar/msg00005.html
http://support.apple.com/kb/HT5702
http://support.apple.com/kb/HT5704
http://lists.apple.com/archives/security-announce/2013/Mar/msg00004.html
http://lists.apple.com/archives/security-announce/2013/Mar/msg00005.html
http://support.apple.com/kb/HT5702
http://support.apple.com/kb/HT5704