The Passcode Lock implementation in Apple iOS before 6.0.1 does not properly manage the lock state, which allows physically proximate attackers to bypass an intended passcode requirement and access Passbook passes via unspecified vectors.A state management issue existed in the handling of Passbook passes at the lock screen. This issue was addressed through improved handling of Passbook passes.
An information disclosure issue existed in the handling of APIs related to kernel extensions. Responses containing an OSBundleMachOHeaders key may have included kernel addresses, which may aid in bypassing address space layout randomization protection. This issue was addressed by unsliding the addresses before returning them.
A use after free issue existed in the handling of SVG images. This issue was addressed through improved memory handling.