First published: Tue Sep 19 2017(Updated: )
Wi-Fi. Multiple race conditions were addressed through improved validation.
Credit: Gal Beniamini Google Project ZeroGal Beniamini Google Project Zero product-security@apple.com
Affected Software | Affected Version | How to fix |
---|---|---|
Apple iOS | <11 | 11 |
Apple iPhone OS | <=10.3.3 | |
Apple tvOS | <=10.2.2 | |
Apple tvOS | <11 | 11 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Found alongside the following vulnerabilities)
CVE-2017-7115 is a vulnerability in certain Apple products, specifically iOS before version 11 and tvOS before version 11, that involves the Wi-Fi component.
CVE-2017-7115 has a severity rating of 8.1, which is considered critical.
CVE-2017-7115 can allow remote attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) by sending crafted Wi-Fi traffic.
Apple iPhone OS version up to 10.3.3 and Apple tvOS version up to 10.2.2 are affected by CVE-2017-7115.
You can find more information about CVE-2017-7115 at the following references: http://www.securityfocus.com/bid/100924, http://www.securitytracker.com/id/1039385, and https://bugs.chromium.org/p/project-zero/issues/detail?id=1317.