Apple fixes memory corruption vulnerability in AirPort product line

Apple has patched a memory corruption vulnerability in its AirPort product line that could otherwise be exploited to remotely execute code.
Apple has patched a memory corruption vulnerability in its AirPort product line that could otherwise be exploited to remotely execute code.

Addressing a vulnerability that could have potentially resulted in remote code execution, Apple yesterday announced a firmware update for several of its AirPort Wi-Fi products.

According to an Apple mailing list notification, firmware updates 7.6.7 and 7.7.7 have been applied to AirPort Express, AirPort Extreme and AirPort Time Capsule base stations using the 802.11n Wi-Fi standard, as well as AirPort Extreme and AirPort Time Capsule base stations with the 802.11ac standard and using AirPort Utility for Mac or iOS.

Apple described the vulnerability – officially designated as CVE-2015-7029 – as a memory corruption issue existing in the DNS data parsing process. “This issue was addressed through improved bounds checking,” the notification explained.

Sophos senior security advisor Paul Ducklin wrote in a Naked Security article that the bug – originally discovered nine months ago – is probably exploitable “by feeding malformed replies to an AirPort that makes outbound DNS requests on behalf of the devices on its internal network.”

You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS