Inconsistent handling of kqueue and kevent interfaces in the Mac OS X kernel, allows local unprivileged users to cause a denial of service condition. This particular vulnerability can be abused by a process registering a queue and a kernel event via the kevent() call, then spawning a child via fork() and attempting to register another event for the same ("parent") queue.
- More details and debugging information
- Proof of concept: MOKB-24-11-2006.c.bz2