CVE-2017-7159: Buffer Overflow
IOAcceleratorFamily. A memory corruption issue was addressed with improved memory handling.
Other sources
An issue was discovered in certain Apple products. macOS before 10.13.2 is affected. The issue involves the "IOAcceleratorFamily" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
Credit
Affected Software
Event History
Peer vulnerabilities
Found alongside the following vulnerabilities.
- CVE-2017-13887
- CVE-2017-9798
- CVE-2017-13905
- CVE-2017-7172
- CVE-2017-13892
- CVE-2017-7171
- CVE-2017-7151
- CVE-2017-1000254
- CVE-2017-13872
- CVE-2017-15422
- CVE-2017-13883
- CVE-2017-7163
- CVE-2017-7155
- CVE-2017-13878
- CVE-2017-13875
- CVE-2017-7159
- CVE-2017-13848
- CVE-2017-13858
- CVE-2017-13847
- CVE-2017-7162
- CVE-2017-13904
- CVE-2017-5754
- CVE-2017-13862
- CVE-2017-13867
- CVE-2017-7173
- CVE-2017-13876
- CVE-2017-13855
- CVE-2017-13865
- CVE-2017-13868
- CVE-2017-13869
- CVE-2017-7154
- CVE-2017-13871
- CVE-2017-13860
- CVE-2017-3735
- CVE-2017-12837
- CVE-2017-7158
- CVE-2017-13911
- CVE-2017-13886
Frequently Asked Questions
What is CVE-2017-7159?
CVE-2017-7159 is a memory corruption vulnerability in the IOAcceleratorFamily component of certain Apple products.
Which products are affected by CVE-2017-7159?
macOS before 10.13.2, macOS High Sierra up to 10.13.2, Sierra, and El Capitan are affected by CVE-2017-7159.
What is the severity of CVE-2017-7159?
CVE-2017-7159 has a severity rating of 7.8, which is classified as critical.
How can CVE-2017-7159 be exploited?
CVE-2017-7159 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app.
How can I fix CVE-2017-7159?
To fix CVE-2017-7159, update to macOS 10.13.2 or a higher version. For older versions, follow the instructions provided by Apple in their support articles.