First published: Wed Apr 05 2017
Wi-Fi in Apple iOS before 10.3.1 does not prevent CVE-2017-6956 stack buffer overflow exploitation via a crafted access point. NOTE: because an operating system could potentially isolate itself from CVE-2017-6956 exploitation without patching Broadcom firmware functions, there is a separate CVE ID for the operating-system behavior.
Credit: product-security@apple.com, Gal Beniamini, Google Project Zero
Affected Software | Affected Version | How to fix |
---|---|---|
Apple TV | <7.3 | 7.3 |
iPhone OS | <=10.3 | |
CVE-2017-6975 is considered a critical vulnerability due to its potential for exploitation via crafted access points.
To fix CVE-2017-6975, update your iOS or Apple TV software to versions 10.3.1 or later.
CVE-2017-6975 affects all Apple iOS versions prior to 10.3.1.
Yes, CVE-2017-6975 can affect Apple TV software versions earlier than 7.3.
CVE-2017-6975 is a stack buffer overflow vulnerability related to Wi-Fi in Apple devices.