CVE-2014-4420
The network-statistics interface in the kernel in Apple iOS before 8 and Apple TV before 7 does not properly initialize memory, which allows attackers to obtain sensitive memory-content and memory-layout information via a crafted application, a different vulnerability than CVE-2014-4371, CVE-2014-4419, and CVE-2014-4421.
View on NVDSeverity
N/A
EPSS
Probability of exploitation (next 30 days): 0.0008 (0.1%)
Percentile: 22.8%
EPSS: 2026-05-06
Affects
apple:tvosapple:iphone_osapple:mac_os_xTechnical description
The network-statistics interface in the kernel in Apple iOS before 8 and Apple TV before 7 does not properly initialize memory, which allows attackers to obtain sensitive memory-content and memory-layout information via a crafted application, a different vulnerability than CVE-2014-4371, CVE-2014-4419, and CVE-2014-4421.
Published: 9/18/2014, 10:55:10 AM
Last modified: 5/6/2026, 10:30:45 PM
References
- http://archives.neohapsis.com/archives/bugtraq/2014-09/0106.html
- http://archives.neohapsis.com/archives/bugtraq/2014-09/0107.html
- http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html
- http://lists.apple.com/archives/security-announce/2015/Jan/msg00003.html
- http://support.apple.com/HT204244
- http://support.apple.com/kb/HT6441
- http://support.apple.com/kb/HT6442
- http://www.securityfocus.com/bid/69882