Difference between revisions of "Overlapping Segment Attack"
(reference CVE-2013-0977) |
m (→References: mention ATV link too) |
||
Line 18: | Line 18: | ||
* [http://blog.accuvantlabs.com/blog/bthomas/evasi0n-jailbreaks-userland-component Accuvant Labs analysis of evasi0n] |
* [http://blog.accuvantlabs.com/blog/bthomas/evasi0n-jailbreaks-userland-component Accuvant Labs analysis of evasi0n] |
||
* [http://support.apple.com/kb/HT5704 Apple's iOS 6.1.3 security fixes] |
* [http://support.apple.com/kb/HT5704 Apple's iOS 6.1.3 security fixes] |
||
+ | * [http://support.apple.com/kb/HT5702 Apple's iOS 5.2.1 (Apple TV) security fixes] |
||
* [http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0977 NIST Reference CVE-2013-0977] |
* [http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0977 NIST Reference CVE-2013-0977] |
||
* [http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0977 Mitre Reference CVE-2013-0977] |
* [http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0977 Mitre Reference CVE-2013-0977] |
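Review bot: the added HT5702 entry (the "+" line following the iOS 6.1.3 link) is not tied to any statement in the article body, which quotes only Apple's iOS 6.1.3 description of the dyld fix. If the Apple TV advisory lists the same CVE-2013-0977 dyld entry, add a sentence to the body saying so, so that the reference supports a stated claim rather than standing alone in the list.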
Revision as of 23:09, 6 April 2013
This is CVE-2013-0977. This vulnerability was first mentioned by i0n1c[1][2][3]: "So iOS 6.1.3 beta 2 also fixes the Overlapping Segment Attack against dyld used in evasi0n." and "The Accuvant Labs analysis is incomplete and does not mention this. They do not realize / mention that it is not possible to have a codeless dylib without exploiting dyld."
So a deeper investigation is necessary here.
Apple's description in the iOS 6.1.3 security fixes:
dyld
Impact: A local user may be able to execute unsigned code
Description: A state management issue existed in the handling of Mach-O executable files with overlapping segments. This issue was addressed by refusing to load an executable with overlapping segments.