CVE-2017-7163: Buffer Overflow

Reference Links

• https://support.apple.com/en-us/HT208331 (Advisory)
• https://support.apple.com/HT208331

Parent vulnerabilities

(Appears in the following advisories)

• HT208331

Peer vulnerabilities

(Found alongside the following vulnerabilities)

• CVE-2017-13887
• CVE-2017-9798
• CVE-2017-13905
• CVE-2017-7172
• CVE-2017-13892
• CVE-2017-7171
• CVE-2017-7151
• CVE-2017-1000254
• CVE-2017-13872
• CVE-2017-15422
• CVE-2017-13883
• CVE-2017-7163
• CVE-2017-7155
• CVE-2017-13878
• CVE-2017-13875
• CVE-2017-7159
• CVE-2017-13848
• CVE-2017-13858
• CVE-2017-13847
• CVE-2017-7162
• CVE-2017-13904
• CVE-2017-5754
• CVE-2017-13862
• CVE-2017-13867
• CVE-2017-7173
• CVE-2017-13876
• CVE-2017-13855
• CVE-2017-13865
• CVE-2017-13868
• CVE-2017-13869
• CVE-2017-7154
• CVE-2017-13871
• CVE-2017-13860
• CVE-2017-3735
• CVE-2017-12837
• CVE-2017-7158
• CVE-2017-13911
• CVE-2017-13886

Frequently Asked Questions

• What is the CVE ID for this vulnerability?

  The CVE ID for this vulnerability is CVE-2017-7163.

• What is the severity of CVE-2017-7163?

  The severity of CVE-2017-7163 is critical with a CVSS score of 7.8.

• Which Apple products are affected by CVE-2017-7163?

  macOS before 10.13.2, macOS High Sierra up to 10.13.2, Sierra, and El Capitan are affected by CVE-2017-7163.

• How can attackers exploit CVE-2017-7163?

  Attackers can exploit CVE-2017-7163 to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.

• Is there a fix available for CVE-2017-7163?

  Yes, a fix is available. Users should update their macOS to version 10.13.2 or later to mitigate this vulnerability.