Lucene search
Lee of the Information Security LabYonsei University.ZDI-18-1322HistoryOct 30, 2018 - 12:00 a.m.
Apple macOS AppleGPUWrangler Logging Uninitialized Memory Information Disclosure Vulnerability
2018-10-3000:00:00
Lee of the Information Security LabYonsei University.
www.zerodayinitiative.com
23
0.001 Low
EPSS
Percentile
34.2%
This vulnerability allows local attackers to disclose sensitive information on vulnerable installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of log entries. The issue results from the lack of proper initialization of memory prior to accessing it. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the kernel.
References
Related
cvelist
cvelist
CVE-2018-4417
2019-04-03 17:43:18
nvd
nvd
CVE-2018-4417
2019-04-03 18:29:14
prion
prion
Input validation
2019-04-03 18:29:00
cve
cve
CVE-2018-4417
2019-04-03 18:29:14
openvas
openvas
Apple Mac OS X Security Updates (HT209193)-05
2018-11-02 00:00:00
Apple Mac OS X Security Update (HT209139)
2022-08-04 00:00:00
nessus
nessus
macOS 10.13.6 Multiple Vulnerabilities (Security Update 2018-002)
2018-10-31 00:00:00
macOS < 10.14 Multiple Vulnerabilities
2018-10-18 00:00:00
macOS and Mac OS X Multiple Vulnerabilities (Security Update 2018-005)
2018-10-31 00:00:00
apple
apple