• Product Information
• Security Products Overview
• Juniper Networks ISG Series
• IDP Demo
• Product Poster & Z-Card 

Title: Apple Mac OS X Shared_Region_Make_Private_Np Kernel Function Local Memory Corruption Vulnerability

Severity: HIGH

Description:

Apple Mac OS X is prone to a local memory-corruption vulnerability. This issue occurs when the operating system fails to handle specially crafted arguments to a system call.

Specifically, the vulnerability resides in the 'uap->rangeCount' and 'uap->ranges' parameters of the 'shared_region_make_private_np()' kernel function. An attacker may exploit this vulnerability by issuing a system call with malicious parameters to the affected function. This results in kernel memory becoming corrupted with attacker-supplied data.

Attackers may exploit this issue to cause a kernel panic, effectively denying further service to legitimate users. Due to the nature of this issue, successful exploits may potentially result in the execution of arbitrary machine code in the context of the affected kernel, but this has not been confirmed.

Mac OS X version 10.4.8 is vulnerable to this issue; other versions may also be affected.

Affected Products:

• Apple Mac OS X 10.4.0
• Apple Mac OS X 10.4.1
• Apple Mac OS X 10.4.2
• Apple Mac OS X 10.4.3
• Apple Mac OS X 10.4.4
• Apple Mac OS X 10.4.5
• Apple Mac OS X 10.4.6
• Apple Mac OS X 10.4.7
• Apple Mac OS X 10.4.8
• Apple Mac OS X Server 10.4.0
• Apple Mac OS X Server 10.4.1
• Apple Mac OS X Server 10.4.2
• Apple Mac OS X Server 10.4.3
• Apple Mac OS X Server 10.4.4
• Apple Mac OS X Server 10.4.5
• Apple Mac OS X Server 10.4.6
• Apple Mac OS X Server 10.4.7
• Apple Mac OS X Server 10.4.8

References:

• Apple: Mac OS X Home Page
• MOKB: MOKB-28-11-2006: Mac OS X shared_region_make_private_np() Memory Corruption

Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.