APFS methodContainerExtendedInfo Invalid Write

CVE-2017-7114

    Type

  • Memory Corruption

    • Severity

  • High

    • Affected products

  • Apple iOS 10, macOS 10.12.6

    • CVE Reference

  • CVE-2017-7114
Read more
Timeline
2017-07-03Issue reported to vendor
2017-09-19Vendor issues patch
2018-01-19MWR Labs releases advisory

Description

Apple File System is a new, modern file system for iOS, macOS, tvOS, and watchOS. It is optimized for Flash/SSD storage and features strong encryption, copy-on-write metadata, space sharing, cloning for files and directories, snapshots, fast directory sizing, atomic safe-save primitives, and improved file system fundamentals.

APFS replaces HFS+ as the default file system for iOS 10.3 and later, and macOS High Sierra and later.

A vulnerability was identified with the APFS kernel extension on iOS 10 and macOS 10.12.6 which could lead to arbitrary kernel code execution. 

Impact

Exploitation of this issue could lead to arbitrary kernel code execution. 

Cause

This issue is due to insufficient input validation being performed within the kernel extension. 

Interim Workaround

N/A

Solution

Apply the vendor supplied patch for the issue. 

Technical details

Please refer to the attached advisory.