|Product||Apple macOS 10.13.1|
The ‘com.apple.AVEBridge’ IOKit kernel extension was found to contain a vulnerability when handling data passed from user space into the kernel.
This vulnerability could be used to obtain kernel code execution on affected systems.
The kernel extension does not perform appropriate sanitisation of data passed from user space.
Users should apply the released security update from Apple (https://support.apple.com/en-gb/HT208331).
Please refer to the attached advisory.
|2017-09-25||Issue reported to vendor|
|2017-12-06||Vendor issues patch|
|2018-01-19||MWR Labs releases advisory|