Products Little Snitch Little Snitch Mini Micro Snitch LaunchBar Internet Access Policy Viewer More Products Shop Support Blog

CVE-2016-8661

Exploitable Heap Overflow Vulnerability

Little Snitch version 3.0 through 3.6.1 suffer from a buffer overflow vulnerability that could be locally exploited which could lead to an escalation of privileges (EoP) and unauthorised ring0 access to the operating system. The buffer overflow is related to insufficient checking of parameters to the "OSMalloc" and "copyin" kernel API calls.

Credit to Patrick Wardle (synack.com) for discovering this issue.

Little Snitch

Features What’s New Download Release Notes Upgrade

Little Snitch Mini

Features Compare

Other Products

LaunchBar Micro Snitch IAP Viewer

Resources

Internet Access Policy Blog Support Contact Us Lost License

Resources

Internet Access Policy Blog Support Contact Us Lost License

Company

About Us Press Privacy Policy Terms

 

Little Snitch

LaunchBar

© 2025 Objective Development Software GmbH

EnglishDeutsch