com_apple_AVEBridge::submitData NULL Pointer Dereference
-
Alex Plaskett - Published: 19 Jan 2018
com_apple_AVEBridge: :submitData NULL Pointer Dereference
CVE-2017-13858
Share
Type
- Memory Corruption
Severity
- Low
Affected products
- Apple macOS 10.13.1
CVE Reference
- CVE-2017-13858
Timeline
| 2017-09-25 | Issue reported to vendor |
| 2017-12-06 | Vendor issues patch |
| 2018-01-19 | MWR Labs releases advisory |
Description
A NULL pointer dereference issue was identified within the ‘com.apple.AVEBridge’ IOKit kernel extension driver.
Impact
On systems without SMAP/SMEP it is expected this could be used to achieve kernel code execution. However, on modern systems with these protections, this issue is limited to a denial of service.
Cause
The com_apple_AVEBridge::submitData function was found to perform insufficient input validation.
Interim Workaround
N/A
Solution
Users should apply the released security update from Apple (https://support.apple.com/en-gb/HT208331).
Technical details
Please refer to the attached advisory.