Lucene search
ABC Research s.r.o.ZDI-21-391HistoryMar 30, 2021 - 12:00 a.m.
Apple macOS AppleIntelKBLGraphics IOCTL 0x10010 Out-Of-Bounds Write Privilege Escalation Vulnerability
2021-03-3000:00:00
ABC Research s.r.o.
www.zerodayinitiative.com
13
0.0004 Low
EPSS
Percentile
16.1%
This vulnerability allows local attackers to escalate privileges on affected installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of IOCTL 0x10010 in the AppleIntelKBLGraphics kext. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated data structure. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of the kernel.
References
Related
zdi
zdi
cvelist
cvelist
CVE-2020-27897
2021-04-02 17:26:02
nvd
nvd
CVE-2020-27897
2021-04-02 18:15:15
cve
cve
CVE-2020-27897
2021-04-02 18:15:15
prion
prion
Design/Logic Flaw
2021-04-02 18:15:00
nessus
nessus
apple
apple
About the security content of macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave
2020-12-14 00:00:00
About the security content of macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave - Apple Support
2021-02-01 06:39:19
About the security content of macOS Big Sur 11.0.1 - Apple Support
2021-02-18 06:14:03
openvas
openvas
Apple Mac OS X Security Update (HT211931)
2022-09-22 00:00:00