CVE-2018-4230

An issue was discovered in certain Apple products. macOS before 10.13.5 is affected. The issue involves the "NVIDIA Graphics Drivers" component. It allows attackers to execute arbitrary code in a privileged context via a crafted app that triggers a SetAppSupportBits use-after-free because of a race condition.
References
Link Resource
https://support.apple.com/HT208849 Vendor Advisory
https://bugs.chromium.org/p/project-zero/issues/detail?id=1549 Exploit Third Party Advisory
https://www.exploit-db.com/exploits/44847/ Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1041027 Third Party Advisory VDB Entry
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*

Information

Published : 2018-06-08 11:29

Updated : 2018-07-13 10:58


NVD link : CVE-2018-4230

Mitre link : CVE-2018-4230


JSON object : View

CWE
CWE-362

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Advertisement

dedicated server usa

Products Affected

apple

  • mac_os_x