CVE-2016-1719 : The IOHIDFamily API in Apple iOS before 9.2.1, OS X before 10.11.3, and tvOS bef

The IOHIDFamily API in Apple iOS before 9.2.1, OS X before 10.11.3, and tvOS before 9.1.1 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors.

Published 2016-02-01 11:59:03

Updated 2025-04-12 10:46:41

Source Apple Inc.

View at NVD, CVE.org

Vulnerability category: Memory CorruptionDenial of service

Products affected by CVE-2016-1719

Apple » Mac Os X
Versions up to, including, (<=) 10.11.2
cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*
Matching versions
Apple » Iphone Os
Versions up to, including, (<=) 9.2
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
Matching versions
Apple » Watchos
Versions up to, including, (<=) 2.1
cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*
Matching versions
Apple » Tvos
Versions up to, including, (<=) 9.1
cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2016-1719

EPSS FAQ

0.61%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 67 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2016-1719

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
7.2	HIGH	AV:L/AC:L/Au:N/C:C/I:C/A:C	3.9	10.0	NIST
Access Vector: Local Access Complexity: Low Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete
7.8	HIGH	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H	1.8	5.9	NIST
Attack Vector: Local Attack Complexity: Low Privileges Required: Low User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High

CWE ids for CVE-2016-1719

CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2016-1719

http://packetstormsecurity.com/files/135438/iOS-Kernel-IOReportHub-Use-After-Free.html

iOS Kernel IOReportHub Use-After-Free ≈ Packet Storm
http://lists.apple.com/archives/security-announce/2016/Jan/msg00003.html

Apple - Lists.apple.com
Vendor Advisory

CVEs referencing this url
https://www.exploit-db.com/exploits/39359/

iOS Kernel - AppleOscarGyro Use-After-Free
https://support.apple.com/HT206168

About the security content of watchOS 2.2 - Apple Support
Vendor Advisory

CVEs referencing this url
https://code.google.com/p/google-security-research/issues/detail?id=603

603 - iOS kernel UaF in IOReportHub - project-zero - Monorail
http://lists.apple.com/archives/security-announce/2016/Jan/msg00005.html

Apple - Lists.apple.com
Vendor Advisory

CVEs referencing this url
https://www.exploit-db.com/exploits/39364/

iOS Kernel - IOReportHub Use-After-Free
http://packetstormsecurity.com/files/135442/iOS-Kernel-AppleOscarAccelerometer-Use-After-Free.html

iOS Kernel AppleOscarAccelerometer Use-After-Free ≈ Packet Storm
http://packetstormsecurity.com/files/135440/iOS-Kernel-AppleOscarCMA-Use-After-Free.html

iOS Kernel AppleOscarCMA Use-After-Free ≈ Packet Storm
https://code.google.com/p/google-security-research/issues/detail?id=604

604 - iOS kernel UaF in IOHIDEventService - project-zero - Monorail
https://code.google.com/p/google-security-research/issues/detail?id=607

607 - iOS kernel UaF in AppleOscarAccelerometer - project-zero - Monorail
http://packetstormsecurity.com/files/135439/iOS-Kernel-IOHIDEventService-Use-After-Free.html

iOS Kernel IOHIDEventService Use-After-Free ≈ Packet Storm
https://www.exploit-db.com/exploits/39363/

iOS Kernel - IOHIDEventService Use-After-Free
https://www.exploit-db.com/exploits/39361/

iOS Kernel - AppleOscarCompass Use-After-Free
https://www.exploit-db.com/exploits/39362/

iOS Kernel - AppleOscarCMA Use-After-Free
http://packetstormsecurity.com/files/135443/iOS-Kernel-AppleOscarGyro-Use-After-Free.html

iOS Kernel AppleOscarGyro Use-After-Free ≈ Packet Storm
http://lists.apple.com/archives/security-announce/2016/Mar/msg00001.html

Apple - Lists.apple.com

CVEs referencing this url
https://support.apple.com/HT205729

About the security content of tvOS 9.1.1 - Apple Support
Vendor Advisory

CVEs referencing this url
https://code.google.com/p/google-security-research/issues/detail?id=606

606 - iOS kernel UaF in AppleOscarCompass - project-zero - Monorail
https://www.exploit-db.com/exploits/39360/

iOS Kernel - AppleOscarAccelerometer Use-After-Free
https://code.google.com/p/google-security-research/issues/detail?id=608

608 - iOS kernel UaF in AppleOscarGyro - project-zero - Monorail
https://support.apple.com/HT205732

About the security content of iOS 9.2.1 - Apple Support
Vendor Advisory

CVEs referencing this url
http://packetstormsecurity.com/files/135441/iOS-Kernel-AppleOscarCompass-Use-After-Free.html

iOS Kernel AppleOscarCompass Use-After-Free ≈ Packet Storm
https://code.google.com/p/google-security-research/issues/detail?id=605

605 - iOS kernel UaF in AppleOscarCMA - project-zero - Monorail
http://www.securitytracker.com/id/1034736

Apple OS X Multiple Memory Corruption Flaws Lets Local Users Obtain Root Privileges - SecurityTracker

CVEs referencing this url
http://lists.apple.com/archives/security-announce/2016/Jan/msg00002.html

Apple - Lists.apple.com
Vendor Advisory

CVEs referencing this url
https://support.apple.com/HT205731

About the security content of OS X El Capitan 10.11.3 and Security Update 2016-001 - Apple Support
Vendor Advisory

CVEs referencing this url

Jump to

Vulnerability Details : CVE-2016-1719

Products affected by CVE-2016-1719

Exploit prediction scoring system (EPSS) score for CVE-2016-1719

CVSS scores for CVE-2016-1719

CWE ids for CVE-2016-1719

References for CVE-2016-1719