An issue exists in certain Apple products. macOS prior to 10.12.2 is affected. The issue involves the "Directory Services" component. It allows local users to gain privileges or cause a denial of service (use-after-free) via unspecified vectors.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apple mac os x |
Holy Moley! iOS and MacOS were wholly holey
Ian Beer of Google's Project Zero has followed up on a “coming soon” Twitter teaser with a jailbreakable iOS and Mac OS vulnerability. Beer went public after Apple worked out a fix for the kernel memory corruption bug. He even launched a Twitter account for the occasion: (For non-programmers: tfp0 stands for “task for pid 0” – the kernel task port, and therefore the vector for pwnage.) The release is designed to let others take their own toolkits to Apple devices, ultimately to improve...