CVE-2013-0978

The ARM prefetch abort handler in the kernel in Apple iOS before 6.1.3 and Apple TV before 5.2.1 does not ensure that it has been invoked in an abort context, which makes it easier for local users to bypass the ASLR protection mechanism via crafted code.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
2.1 UNKNOWN
LOCAL
LOW
AV:L/AC:L/Au:N/C:P/I:N/A:N
appleCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 15%
VendorProductVersion
appleiphone_os
𝑥
≤ 6.1.2
appleiphone_os
1.0.0
appleiphone_os
1.0.1
appleiphone_os
1.0.2
appleiphone_os
1.1.0
appleiphone_os
1.1.0
appleiphone_os
1.1.1
appleiphone_os
1.1.2
appleiphone_os
1.1.2
appleiphone_os
1.1.3
appleiphone_os
1.1.3
appleiphone_os
1.1.4
appleiphone_os
1.1.4
appleiphone_os
1.1.5
appleiphone_os
1.1.5
appleiphone_os
2.0
appleiphone_os
2.0.0
appleiphone_os
2.0.0
appleiphone_os
2.0.1
appleiphone_os
2.0.1
appleiphone_os
2.0.2
appleiphone_os
2.0.2
appleiphone_os
2.1
appleiphone_os
2.1
appleiphone_os
2.1.1
appleiphone_os
2.2
appleiphone_os
2.2
appleiphone_os
2.2.1
appleiphone_os
2.2.1
appleiphone_os
3.0
appleiphone_os
3.0
appleiphone_os
3.0.1
appleiphone_os
3.0.1
appleiphone_os
3.1
appleiphone_os
3.1
appleiphone_os
3.1.2
appleiphone_os
3.1.2
appleiphone_os
3.1.3
appleiphone_os
3.1.3
appleiphone_os
3.2
appleiphone_os
3.2
appleiphone_os
3.2.1
appleiphone_os
3.2.1
appleiphone_os
3.2.2
appleiphone_os
4.0
appleiphone_os
4.0
appleiphone_os
4.0.1
appleiphone_os
4.0.1
appleiphone_os
4.0.2
appleiphone_os
4.1
appleiphone_os
4.2.1
appleiphone_os
4.2.5
appleiphone_os
4.2.8
appleiphone_os
4.3.0
appleiphone_os
4.3.1
appleiphone_os
4.3.2
appleiphone_os
4.3.3
appleiphone_os
4.3.5
appleiphone_os
4.3.5
appleiphone_os
4.3.5
appleiphone_os
5.0
appleiphone_os
5.0
appleiphone_os
5.0
appleiphone_os
5.0.1
appleiphone_os
5.0.1
appleiphone_os
5.0.1
appleiphone_os
5.1
appleiphone_os
5.1.1
appleiphone_os
6.0
appleiphone_os
6.0.1
appleiphone_os
6.0.2
appleiphone_os
6.1
appletvos
𝑥
≤ 5.2.0
appletvos
1.0.0
appletvos
1.1.0
appletvos
2.0.0
appletvos
2.0.1
appletvos
2.0.2
appletvos
2.1.0
appletvos
2.2.0
appletvos
2.3.0
appletvos
2.3.1
appletvos
2.4.0
appletvos
3.0.0
appletvos
3.0.1
appletvos
3.0.2
appletvos
4.1.0
appletvos
4.1.1
appletvos
4.2.0
appletvos
4.2.1
appletvos
4.2.2
appletvos
4.3.0
appletvos
4.4.0
appletvos
4.4.2
appletvos
4.4.3
appletvos
4.4.4
appletvos
5.0.0
appletvos
5.0.1
appletvos
5.0.2
appletvos
5.1.0
appletvos
5.1.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://lists.apple.com/archives/security-announce/2013/Mar/msg00004.html
http://lists.apple.com/archives/security-announce/2013/Mar/msg00005.html
http://support.apple.com/kb/HT5702
http://support.apple.com/kb/HT5704
http://lists.apple.com/archives/security-announce/2013/Mar/msg00004.html
http://lists.apple.com/archives/security-announce/2013/Mar/msg00005.html
http://support.apple.com/kb/HT5702
http://support.apple.com/kb/HT5704