- OS X IOKit kernel memory corruption due to bad bzero in IOBluetoothDevice
- OS X networkd “effective_audit_token” XPC type confusion sandbox escape (with exploit)
- OS X IOKit kernel code execution due to NULL pointer dereference in IntelAccelerator
Don’t panic, though: an attacker would have to have direct access to the system to take advantage of the breaches. What’s more, the second issue may already have been addressed in Yosemite. (Unconfirmed.)
This article also refers.
Small Blue-Green World