CVE-2017-7159: Buffer Overflow

Reference Links

• https://support.apple.com/en-us/HT208331 (Advisory)
• https://support.apple.com/HT208331

Parent vulnerabilities

(Appears in the following advisories)

• HT208331

Peer vulnerabilities

(Found alongside the following vulnerabilities)

• CVE-2017-13887
• CVE-2017-9798
• CVE-2017-13905
• CVE-2017-7172
• CVE-2017-13892
• CVE-2017-7171
• CVE-2017-7151
• CVE-2017-1000254
• CVE-2017-13872
• CVE-2017-15422
• CVE-2017-13883
• CVE-2017-7163
• CVE-2017-7155
• CVE-2017-13878
• CVE-2017-13875
• CVE-2017-7159
• CVE-2017-13848
• CVE-2017-13858
• CVE-2017-13847
• CVE-2017-7162
• CVE-2017-13904
• CVE-2017-5754
• CVE-2017-13862
• CVE-2017-13867
• CVE-2017-7173
• CVE-2017-13876
• CVE-2017-13855
• CVE-2017-13865
• CVE-2017-13868
• CVE-2017-13869
• CVE-2017-7154
• CVE-2017-13871
• CVE-2017-13860
• CVE-2017-3735
• CVE-2017-12837
• CVE-2017-7158
• CVE-2017-13911
• CVE-2017-13886

Frequently Asked Questions

• What is CVE-2017-7159?

  CVE-2017-7159 is a memory corruption vulnerability in the IOAcceleratorFamily component of certain Apple products.

• Which products are affected by CVE-2017-7159?

  macOS before 10.13.2, macOS High Sierra up to 10.13.2, Sierra, and El Capitan are affected by CVE-2017-7159.

• What is the severity of CVE-2017-7159?

  CVE-2017-7159 has a severity rating of 7.8, which is classified as critical.

• How can CVE-2017-7159 be exploited?

  CVE-2017-7159 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

• How can I fix CVE-2017-7159?

  To fix CVE-2017-7159, update to macOS 10.13.2 or a higher version. For older versions, follow the instructions provided by Apple in their support articles.