Lucene search
Lilang Wu and Moony Li of TrendMicro Mobile Security Research TeamZDI-19-934HistoryOct 31, 2019 - 12:00 a.m.
Apple macOS AppleIntelCFLGraphicsFramebuffer.kext Untrusted Pointer Dereference Privilege Escalation Vulnerability
2019-10-3100:00:00
Lilang Wu and Moony Li of TrendMicro Mobile Security Research Team
www.zerodayinitiative.com
13
0.0004 Low
EPSS
Percentile
12.6%
This vulnerability allows local attackers to escalate privileges on affected installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within AppleIntelCFLGraphicsFramebuffer.kext. The issue results from the lack of proper validation of a user-supplied value prior to dereferencing it as a pointer. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of the kernel.
References
Related
prion
prion
Memory corruption
2019-12-18 18:15:00
Memory corruption
2019-12-18 18:15:00
cve
cve
CVE-2019-8758
2019-12-18 18:15:39
CVE-2019-8755
2019-12-18 18:15:39
nvd
nvd
CVE-2019-8758
2019-12-18 18:15:39
CVE-2019-8755
2019-12-18 18:15:39
cvelist
cvelist
CVE-2019-8758
2019-12-18 17:33:22
CVE-2019-8755
2019-12-18 17:33:23
nessus
nessus
macOS < 10.15 Multiple Vulnerabilities
2019-10-18 00:00:00
threatpost
threatpost
Apple Tackles Over a Dozen Bugs in its Catalina 10.15 Update
2019-10-08 19:34:54
apple
apple
About the security content of macOS Catalina 10.15 - Apple Support
2020-08-10 07:58:24
About the security content of macOS Catalina 10.15
2019-10-07 00:00:00
openvas
openvas
Apple Mac OS X Security Update (HT210634)
2023-01-10 00:00:00