Apple Laptop Battery Interface Lets Local Users Deny Service
|
|
SecurityTracker Alert ID: 1025831 |
|
SecurityTracker URL: http://securitytracker.com/id/1025831
|
|
CVE Reference:
GENERIC-MAP-NOMATCH
(Links to External Site)
|
Date: Jul 22 2011
|
Impact:
Denial of service via local system
|
Vendor Confirmed: Yes
|
|
Description:
A vulnerability was reported in the battery interface used in Apple laptop models. A local user can cause denial of service conditions.
The battery microcontroller interfaces uses common API keys. A local user with knowledge of the keys can control the microcontroller functions. This can be exploited to prevent the battery from being charged, interfere with battery heat regulation, or cause the battery to stop functioning.
The vendor has been notified.
Charlie Miller reported this vulnerability.
|
Impact:
A local user can prevent the battery from charging, interfere with the battery heat regulation, or cause the battery to become unusable.
|
Solution:
No solution was available at the time of this entry.
|
Vendor URL: www.apple.com/ (Links to External Site)
|
Cause:
Authentication error
|
Underlying OS:
|
|
Message History:
None.
|
Source Message Contents
|
Date: Fri, 22 Jul 2011 22:07:10 +0000
Subject: Mac OS X
|
Battery hack
|
|
