Saturday, January 13, 2007

MOAB-13-01-2007: Apple DMG HFS+ do_hfs_truncate() Denial of Service Vulnerability

A specially crafted HFS+ filesystem in a DMG image can cause the do_hfs_truncate() function to panic the kernel (denial of service), when attempting to remove a file from the mounted filesystem. This issue can't lead to arbitrary code execution, although there's a significant risk of local HFS+ filesystems corruption.

Further information:

No comments: