Apple Mac OS X Lion kernel xnu versions 1699.32.7 except 1699.24.8 NFS mount privilege escalation exploit. This exploit leverage a stack overflow vulnerability to escalate privileges. The vulnerable function nfs_convert_old_nfs_args does not verify the size of a user-provided argument before copying it to the stack. As a result by passing a large size, a local user can overwrite the stack with arbitrary content.
8e779edf9df04a55e329faff795fd22465cd1d2fb570d611ba39e3d3871a8731