Apple AirPort Base Station Firmware before 7.6.7 and 7.7.x before 7.7.7 misparses DNS data, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
Apple Security Advisory 2016-06-20-1 - AirPort Base Station Firmware Update 7.6.7 and 7.7.7 is now available and addresses an arbitrary code execution vulnerability.