Little Snitch version 3.0 through 3.6.1 suffer from a buffer overflow vulnerability that could be locally exploited which could lead to an escalation of privileges (EoP) and unauthorised ring0 access to the operating system. The buffer overflow is related to insufficient checking of parameters to the "OSMalloc" and "copyin" kernel API calls.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: obdev
Published: 2016-11-15T15:00:00
Updated: 2016-11-25T19:57:01
Reserved: 2016-10-14T00:00:00
Link: CVE-2016-8661
JSON object: View
NVD Information
Status : Modified
Published: 2016-11-15T15:59:00.180
Modified: 2023-11-07T02:36:25.947
Link: CVE-2016-8661
JSON object: View
Redhat Information
No data.
CWE