An issue exists in certain Apple products. iOS prior to 10.2 is affected. macOS prior to 10.12.2 is affected. watchOS prior to 3.1.3 is affected. The issue involves the "Kernel" component. It allows malicious users to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apple iphone os |
||
apple mac os x |
||
apple watchos |
Holy Moley! iOS and MacOS were wholly holey
Ian Beer of Google's Project Zero has followed up on a “coming soon” Twitter teaser with a jailbreakable iOS and Mac OS vulnerability. Beer went public after Apple worked out a fix for the kernel memory corruption bug. He even launched a Twitter account for the occasion: (For non-programmers: tfp0 stands for “task for pid 0” – the kernel task port, and therefore the vector for pwnage.) The release is designed to let others take their own toolkits to Apple devices, ultimately to improve...