First published: Tue Sep 19 2017(Updated: )
An out-of-bounds read issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Kernel" component. It allows local users to bypass intended memory-read restrictions.
Credit: Maxime Villard (m00nbsd) Maxime Villard (m00nbsd) Maxime Villard (m00nbsd) Maxime Villard (m00nbsd) Maxime Villard (m00nbsd) product-security@apple.com
Affected Software | Affected Version | How to fix |
---|---|---|
Apple Mac OS X | <=10.13.0 | |
Apple macOS High Sierra | <10.13.1 | 10.13.1 |
Apple Sierra | ||
Apple El Capitan | ||
Apple iOS | <11 | 11 |
Apple tvOS | <11 | 11 |
Apple watchOS | <4 | 4 |
Apple macOS High Sierra | <10.13 | 10.13 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Found alongside the following vulnerabilities)
CVE-2017-13817 is an out-of-bounds read issue in certain Apple products that leads to the disclosure of kernel memory.
Apple watchOS before version 4, macOS High Sierra before version 10.13.1, Apple Sierra, Apple El Capitan, Apple iOS before version 11, and Apple tvOS before version 11 are affected by CVE-2017-13817.
CVE-2017-13817 has a severity value of 5.5, which is considered medium.
Local users can bypass intended memory-read restrictions in CVE-2017-13817 due to an out-of-bounds read issue.
Apply the recommended patches and updates provided by Apple to fix CVE-2017-13817.