CVE-2017-13878: Input Validation
Intel Graphics Driver. An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed through improved input validation.
Other sources
An issue was discovered in certain Apple products. macOS before 10.13.2 is affected. The issue involves the "Intel Graphics Driver" component. It allows local users to bypass intended memory-read restrictions or cause a denial of service (out-of-bounds read and system crash).
Credit
Affected Software
Event History
Peer vulnerabilities
Found alongside the following vulnerabilities.
- CVE-2017-13887
- CVE-2017-9798
- CVE-2017-13905
- CVE-2017-7172
- CVE-2017-13892
- CVE-2017-7171
- CVE-2017-7151
- CVE-2017-1000254
- CVE-2017-13872
- CVE-2017-15422
- CVE-2017-13883
- CVE-2017-7163
- CVE-2017-7155
- CVE-2017-13878
- CVE-2017-13875
- CVE-2017-7159
- CVE-2017-13848
- CVE-2017-13858
- CVE-2017-13847
- CVE-2017-7162
- CVE-2017-13904
- CVE-2017-5754
- CVE-2017-13862
- CVE-2017-13867
- CVE-2017-7173
- CVE-2017-13876
- CVE-2017-13855
- CVE-2017-13865
- CVE-2017-13868
- CVE-2017-13869
- CVE-2017-7154
- CVE-2017-13871
- CVE-2017-13860
- CVE-2017-3735
- CVE-2017-12837
- CVE-2017-7158
- CVE-2017-13911
- CVE-2017-13886
Frequently Asked Questions
What is CVE-2017-13878?
CVE-2017-13878 is a vulnerability in the Intel Graphics Driver component that allows local users to bypass memory-read restrictions or cause a denial of service on certain Apple products running macOS before version 10.13.2.
What is the severity of CVE-2017-13878?
The severity of CVE-2017-13878 is rated as high with a score of 7.1.
Which products are affected by CVE-2017-13878?
macOS versions before 10.13.2 are affected by CVE-2017-13878.
How can this vulnerability be exploited?
This vulnerability can be exploited by local users to bypass memory-read restrictions or cause a denial of service.
Is there a fix for CVE-2017-13878?
Yes, updating macOS to version 10.13.2 or later fixes CVE-2017-13878.