com_apple_AVEBridge::queryCompletion Invalid Read
-
Alex Plaskett - Published: 19 Jan 2018
com_apple_AVEBridge: :queryCompletion Invalid Read
CVE-2017-13848
Share
Type
- Memory Corruption
Severity
- High
Affected products
- Apple macOS 10.13.1
CVE Reference
- CVE-2017-13848
Timeline
| 2017-09-25 | Issue reported to vendor |
| 2017-12-06 | Vendor issues patch |
| 2018-01-19 | MWR Labs releases advisory |
Description
The ‘com.apple.AVEBridge’ IOKit kernel extension was found to contain a vulnerability when handling data passed from user space into the kernel.
Impact
This vulnerability could be used to obtain kernel code execution on affected systems.
Cause
The kernel extension does not perform appropriate sanitisation of data passed from user space.
Interim Workaround
N/A
Solution
Users should apply the released security update from Apple (https://support.apple.com/en-gb/HT208331).
Technical details
Please refer to the attached advisory.