cve/2016/CVE-2016-8661.md

### [CVE-2016-8661](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8661)
![](https://img.shields.io/static/v1?label=Product&message=Little%20Snitch%20version%203.0%20through%203.6.1&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=escalation%20of%20privileges&color=brighgreen)

### Description

Little Snitch version 3.0 through 3.6.1 suffer from a buffer overflow vulnerability that could be locally exploited which could lead to an escalation of privileges (EoP) and unauthorised ring0 access to the operating system. The buffer overflow is related to insufficient checking of parameters to the "OSMalloc" and "copyin" kernel API calls.

### POC

#### Reference
- https://speakerdeck.com/patrickwardle/defcon-2016-i-got-99-problems-but-little-snitch-aint-one

#### Github
No PoCs found on GitHub currently.
Update Sun May 26 14:27:04 CEST 2024 2024-05-26 14:27:05 +02:00			`### [CVE-2016-8661](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8661)`
			`![](https://img.shields.io/static/v1?label=Product&message=Little%20Snitch%20version%203.0%20through%203.6.1&color=blue)`
			`![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)`
			`![](https://img.shields.io/static/v1?label=Vulnerability&message=escalation%20of%20privileges&color=brighgreen)`

			`### Description`

			`Little Snitch version 3.0 through 3.6.1 suffer from a buffer overflow vulnerability that could be locally exploited which could lead to an escalation of privileges (EoP) and unauthorised ring0 access to the operating system. The buffer overflow is related to insufficient checking of parameters to the "OSMalloc" and "copyin" kernel API calls.`

			`### POC`

			`#### Reference`
			`- https://speakerdeck.com/patrickwardle/defcon-2016-i-got-99-problems-but-little-snitch-aint-one`

			`#### Github`
			`No PoCs found on GitHub currently.`