MacOS/iOS kernel memory corruption due to bad bounds checking in necp_client_copy_interface（CVE-2017-2473）

necpclientcopyinterface contains this code where interfaceindex is an attacker controlled a uint32t that: if interfaceindex != IFSCOPENONE && intinterfaceindex = ifindex interface = ifindex2ifnetinterfaceindex; This leads to an interface pointer being read out of bounds. This can lead to kernel...

CVE-2017-2473

creationtimestamp| type| source ---|---|--- 2017-04-04 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/41792...

CVE-2017-2473

An issue was discovered in certain Apple products. iOS before 10.3 is affected. macOS before 10.12.4 is affected. tvOS before 10.2 is affected. watchOS before 3.2 is affected. The issue involves the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause...

CVE-2017-2473

CVE-2017-2473 is a kernel memory corruption/out-of-bounds read vulnerability affecting Apple platforms (iOS before 10.3, macOS before 10.12.4, tvOS before 10.2, watchOS before 3.2). The root cause is improper bounds checking in necp_client_copy_interface: an attacker-controlled interface_index ca...