CVE-2013-5145

Published: Sep 19, 2013Modified: Apr 29, 2026

6.3

Vector

AV:L/AC:M/Au:N/C:N/I:C/A:C

Exploitability: 3.4 / Impact: 9.2

Source: NVD

Description

kextd in Kext Management in Apple iOS before 7 does not properly verify authorization for IPC messages, which allows local users to (1) load or (2) unload kernel extensions via a crafted message.

Affected (48)

Products: Apple: Iphone Os

Apple

1 product

Iphone Os

Configuration A

48 vulnerable

Vulnerable Software	Affected Versions
Apple Iphone Os	Up to 6.1.4
Apple Iphone Os	Version 1.0.0
Apple Iphone Os	Version 1.0.1
Apple Iphone Os	Version 1.0.2
Apple Iphone Os	Version 1.1.0
Apple Iphone Os	Version 1.1.1
Apple Iphone Os	Version 1.1.2
Apple Iphone Os	Version 1.1.3
Apple Iphone Os	Version 1.1.4
Apple Iphone Os	Version 1.1.5
Apple Iphone Os	Version 2.0.0
Apple Iphone Os	Version 2.0.1
Apple Iphone Os	Version 2.0.2
Apple Iphone Os	Version 2.0
Apple Iphone Os	Version 2.1.1
Apple Iphone Os	Version 2.1
Apple Iphone Os	Version 2.2.1
Apple Iphone Os	Version 2.2
Apple Iphone Os	Version 3.0.1
Apple Iphone Os	Version 3.0
Apple Iphone Os	Version 3.1.2
Apple Iphone Os	Version 3.1.3
Apple Iphone Os	Version 3.1
Apple Iphone Os	Version 3.2.1
Apple Iphone Os	Version 3.2.2
Apple Iphone Os	Version 3.2
Apple Iphone Os	Version 4.0.1
Apple Iphone Os	Version 4.0.2
Apple Iphone Os	Version 4.0
Apple Iphone Os	Version 4.1
Apple Iphone Os	Version 4.2.1
Apple Iphone Os	Version 4.2.5
Apple Iphone Os	Version 4.2.8
Apple Iphone Os	Version 4.3.0
Apple Iphone Os	Version 4.3.1
Apple Iphone Os	Version 4.3.2
Apple Iphone Os	Version 4.3.3
Apple Iphone Os	Version 4.3.5
Apple Iphone Os	Version 5.0.1
Apple Iphone Os	Version 5.0
Apple Iphone Os	Version 5.1.1
Apple Iphone Os	Version 5.1
Apple Iphone Os	Version 6.0.1
Apple Iphone Os	Version 6.0.2
Apple Iphone Os	Version 6.0
Apple Iphone Os	Version 6.1.2
Apple Iphone Os	Version 6.1.3
Apple Iphone Os	Version 6.1