3/9/2023 0 Comments Security for mac os 2018![]() ![]() We will let you know once we have concluded our investigation and updated the security advisories to include your information. We ask that you please refrain from disclosing these issues until we have concluded our investigation. While these issues were addressed with macOS High Sierra 10.13.6, we are investigating addressing these issues on additional platforms. Apple asked me not to disclose the vulnerabilities until further notice. The vulnerabilities were fixed in macOS version 10.13.6, which Apple released on July 9, 2018. The vulnerabilities were in the client-side NFS implementation, which is used for mounting a network drive, like a NAS, into the Mac’s file system. ![]() Or, with physical access to the computer, an attacker could have logged in as the guest user (no password required) and then used the vulnerabilities to elevate their privileges and take control of the computer. An attacker could potentially have used them to remotely hack into a Mac. Apple classified these vulnerabilities as remote code execution vulnerabilities in the kernel, so they were extremely serious. This post is about several stack and heap buffer overflows that I found in Apple’s macOS operating system kernel. ![]() OctoCVE-2018-4259: MacOS NFS vulnerabilties lead to kernel RCE Kevin Backhouse
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |