CVE-2015-3693

NONECVSS 0.0

0.0

Apple Mac EFI before 2015-001, as used in OS X before 10.10.4 and other products, does not properly set refresh rates for DDR3 RAM, which might make it easier for remote attackers to conduct row-hammer attacks, and consequently gain privileges or cause a denial of service (memory corruption), by triggering certain patterns of access to memory locations.

🔗 References (16)

product-security@applehttp://googleprojectzero.blogspot.com/2015/03/exploiting-dram-rowhammer-bug-to-gain.html
product-security@applehttp://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html
product-security@applehttp://lists.apple.com/archives/security-announce/2015/Jun/msg00003.html
product-security@applehttp://support.apple.com/kb/HT204934
product-security@applehttp://support.apple.com/kb/HT204942
product-security@applehttp://www.securityfocus.com/bid/75495
product-security@applehttp://www.securitytracker.com/id/1032444
product-security@applehttp://www.securitytracker.com/id/1032755
af854a3a-2127-422b-91ae-364da2661108http://googleprojectzero.blogspot.com/2015/03/exploiting-dram-rowhammer-bug-to-gain.html
af854a3a-2127-422b-91ae-364da2661108http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html
af854a3a-2127-422b-91ae-364da2661108http://lists.apple.com/archives/security-announce/2015/Jun/msg00003.html
af854a3a-2127-422b-91ae-364da2661108http://support.apple.com/kb/HT204934
af854a3a-2127-422b-91ae-364da2661108http://support.apple.com/kb/HT204942
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/75495
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1032444

Is Your Infrastructure Affected by CVE-2015-3693?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2015-3693

📅 Published

🔄 Last Modified

🔗 References (16)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2015-3693?