APFS methodContainerExtendedInfo Invalid Write
CVE-2017-7114
Description
Apple File System is a new, modern file system for iOS, macOS, tvOS, and watchOS. It is optimized for Flash/SSD storage and features strong encryption, copy-on-write metadata, space sharing, cloning for files and directories, snapshots, fast directory sizing, atomic safe-save primitives, and improved file system fundamentals.
APFS replaces HFS+ as the default file system for iOS 10.3 and later, and macOS High Sierra and later.
A vulnerability was identified with the APFS kernel extension on iOS 10 and macOS 10.12.6 which could lead to arbitrary kernel code execution.
Impact
Exploitation of this issue could lead to arbitrary kernel code execution.
Cause
This issue is due to insufficient input validation being performed within the kernel extension.
Interim Workaround
N/A
Solution
Apply the vendor supplied patch for the issue.
Technical details
Please refer to the attached advisory.