cvedb.io
CVE-2016-8661
HIGH · CVSS 8.4
EPSS exploitation probability: 0%
Published 2016-11-15T15:59:00.180 · Last modified 2026-06-17T00:54:46.123

Summary

Little Snitch version 3.0 through 3.6.1 suffer from a buffer overflow vulnerability that could be locally exploited which could lead to an escalation of privileges (EoP) and unauthorised ring0 access to the operating system. The buffer overflow is related to insufficient checking of parameters to the "OSMalloc" and "copyin" kernel API calls.

Affected products

obdev — little_snitch

Does this affect you?

Add your gear to cvedb and we'll alert you only when obdev ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.