Lucene search
Lilang Wu and Moony Li of TrendMicro Mobile Security Research TeamZDI-19-962HistoryNov 06, 2019 - 12:00 a.m.
Apple macOS AMDRadeonX4000_AMDSIGLContext Untrusted Pointer Dereference Privilege Escalation Vulnerability
2019-11-0600:00:00
Lilang Wu and Moony Li of TrendMicro Mobile Security Research Team
www.zerodayinitiative.com
7
0.001 Low
EPSS
Percentile
39.5%
This vulnerability allows local attackers to escalate privileges on affected installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the AMDRadeonX4000_AMDSIGLContext object. The issue results from the lack of proper validation of a user-supplied value prior to dereferencing it as a pointer. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of the kernel.
References
Related
cve
cve
CVE-2019-8748
2019-12-18 18:15:38
prion
prion
Memory corruption
2019-12-18 18:15:00
nvd
nvd
CVE-2019-8748
2019-12-18 18:15:38
cvelist
cvelist
CVE-2019-8748
2019-12-18 17:33:22
threatpost
threatpost
Apple Tackles Over a Dozen Bugs in its Catalina 10.15 Update
2019-10-08 19:34:54
nessus
nessus
macOS < 10.15 Multiple Vulnerabilities
2019-10-18 00:00:00
openvas
openvas
Apple Mac OS X Security Updates (HT210722)-02
2019-10-30 00:00:00
Apple Mac OS X Security Update (HT210634)
2023-01-10 00:00:00
apple
apple