CVE-2015-3693
Rowhammer - NaCl Sandbox Escape
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
-Decision
Descriptions
Apple Mac EFI before 2015-001, as used in OS X before 10.10.4 and other products, does not properly set refresh rates for DDR3 RAM, which might make it easier for remote attackers to conduct row-hammer attacks, and consequently gain privileges or cause a denial of service (memory corruption), by triggering certain patterns of access to memory locations.
Apple Mac EFI anterior a 2015-001, utilizado en OS X anterior a 10.10.4 y otros productos, no configura correctamente los indices actualizados para DDR3 RAM, lo que podría facilitar a atacantes remotos realizar ataques 'row-hammer', y como consecuencia gnar privilegios o causar una denegación de servicio (corrupción de memoria), mediante la provocación de ciertas pautas de acceso a localizaciones de memoria.
OS X Yosemite 10.10.4 and Security Update 2015-005 are now available and address privilege escalation, arbitrary code execution, access bypass, and various other vulnerabilities.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2015-03-09 First Exploit
- 2015-05-07 CVE Reserved
- 2015-07-01 CVE Published
- 2024-08-06 CVE Updated
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-254: 7PK - Security Features
CAPEC
References (9)
| URL | Tag | Source |
|---|---|---|
| http://googleprojectzero.blogspot.com/2015/03/exploiting-dram-rowhammer-bug-to-gain.html | X_refsource_misc | |
| http://www.securityfocus.com/bid/75495 | Vdb Entry | |
| http://www.securitytracker.com/id/1032444 | Vdb Entry | |
| http://www.securitytracker.com/id/1032755 | Vdb Entry |
| URL | Date | SRC |
|---|---|---|
| https://www.exploit-db.com/exploits/36311 | 2015-03-09 |
| URL | Date | SRC |
|---|---|---|
| http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html | 2016-12-06 |
| URL | Date | SRC |
|---|---|---|
| http://lists.apple.com/archives/security-announce/2015/Jun/msg00003.html | 2016-12-06 | |
| http://support.apple.com/kb/HT204934 | 2016-12-06 | |
| http://support.apple.com/kb/HT204942 | 2016-12-06 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Apple Search vendor "Apple" | Mac Os X Search vendor "Apple" for product "Mac Os X" | <= 10.10.3 Search vendor "Apple" for product "Mac Os X" and version " <= 10.10.3" | - |
Affected
| ||||||