CVE-2013-5172 Information

Description

The kernel in Apple Mac OS X before 10.9 does not properly determine the output length for SHA-2 digest function calls which allows context-dependent attackers to cause a denial of service (panic) by triggering a digest operation as demonstrated by an IPSec connection.

Reference

http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html