Product | Apple iOS 10, macOS 10.12.6 |
Severity | High |
CVE Reference | CVE-2017-7114 |
Type | Memory Corruption |
Apple File System is a new, modern file system for iOS, macOS, tvOS, and watchOS. It is optimized for Flash/SSD storage and features strong encryption, copy-on-write metadata, space sharing, cloning for files and directories, snapshots, fast directory sizing, atomic safe-save primitives, and improved file system fundamentals.
APFS replaces HFS+ as the default file system for iOS 10.3 and later, and macOS High Sierra and later.
A vulnerability was identified with the APFS kernel extension on iOS 10 and macOS 10.12.6 which could lead to arbitrary kernel code execution.
Exploitation of this issue could lead to arbitrary kernel code execution.
This issue is due to insufficient input validation being performed within the kernel extension.
N/A
Apply the vendor supplied patch for the issue.
Please refer to the attached advisory.
Date | Summary |
2017-07-03 | Issue reported to vendor |
2017-09-19 | Vendor issues patch |
2018-01-19 | MWR Labs releases advisory |