CVE-2017-13878: Input Validation

Reference Links

• https://support.apple.com/en-us/HT208331 (Advisory)
• http://www.securityfocus.com/bid/102099
• http://www.securitytracker.com/id/1039966
• https://support.apple.com/HT208331
• https://www.exploit-db.com/exploits/43780/

Parent vulnerabilities

(Appears in the following advisories)

• HT208331

Peer vulnerabilities

(Found alongside the following vulnerabilities)

• CVE-2017-13887
• CVE-2017-9798
• CVE-2017-13905
• CVE-2017-7172
• CVE-2017-13892
• CVE-2017-7171
• CVE-2017-7151
• CVE-2017-1000254
• CVE-2017-13872
• CVE-2017-15422
• CVE-2017-13883
• CVE-2017-7163
• CVE-2017-7155
• CVE-2017-13878
• CVE-2017-13875
• CVE-2017-7159
• CVE-2017-13848
• CVE-2017-13858
• CVE-2017-13847
• CVE-2017-7162
• CVE-2017-13904
• CVE-2017-5754
• CVE-2017-13862
• CVE-2017-13867
• CVE-2017-7173
• CVE-2017-13876
• CVE-2017-13855
• CVE-2017-13865
• CVE-2017-13868
• CVE-2017-13869
• CVE-2017-7154
• CVE-2017-13871
• CVE-2017-13860
• CVE-2017-3735
• CVE-2017-12837
• CVE-2017-7158
• CVE-2017-13911
• CVE-2017-13886

Frequently Asked Questions

• What is CVE-2017-13878?

  CVE-2017-13878 is a vulnerability in the Intel Graphics Driver component that allows local users to bypass memory-read restrictions or cause a denial of service on certain Apple products running macOS before version 10.13.2.

• What is the severity of CVE-2017-13878?

  The severity of CVE-2017-13878 is rated as high with a score of 7.1.

• Which products are affected by CVE-2017-13878?

  macOS versions before 10.13.2 are affected by CVE-2017-13878.

• How can this vulnerability be exploited?

  This vulnerability can be exploited by local users to bypass memory-read restrictions or cause a denial of service.

• Is there a fix for CVE-2017-13878?

  Yes, updating macOS to version 10.13.2 or later fixes CVE-2017-13878.