com_apple_AVEBridge::queryCompletion Invalid Read
-
Alex Plaskett - Published: 19 Jan 2018
- Type: Memory Corruption
- Severity: High
Affected Products
Apple macOS 10.13.1
CVE
CVE-2017-13848
Timeline
| 2017-09-25 | Issue reported to vendor |
| 2017-12-06 | Vendor issues patch |
| 2018-01-19 | MWR Labs releases advisory |
Description
The ‘com.apple.AVEBridge’ IOKit kernel extension was found to contain a vulnerability when handling data passed from user space into the kernel.
Impact
This vulnerability could be used to obtain kernel code execution on affected systems.
Cause
The kernel extension does not perform appropriate sanitisation of data passed from user space.
Interim Workaround
N/A
Solution
Users should apply the released security update from Apple (https://support.apple.com/en-gb/HT208331).
Technical details
Please refer to the attached advisory.