Lucene search

K
zdiLee of the Information Security LabYonsei University.ZDI-18-1322
HistoryOct 30, 2018 - 12:00 a.m.

Apple macOS AppleGPUWrangler Logging Uninitialized Memory Information Disclosure Vulnerability

2018-10-3000:00:00
Lee of the Information Security LabYonsei University.
www.zerodayinitiative.com
29
apple
macos
applegpuwrangler
logging
uninitialized memory
information disclosure
vulnerability
local attackers
sensitive information
low-privileged code
handling
log entries
lack of initialization
memory
accessing
exploit
flaw
kernel.

EPSS

0.001

Percentile

34.1%

This vulnerability allows local attackers to disclose sensitive information on vulnerable installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of log entries. The issue results from the lack of proper initialization of memory prior to accessing it. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the kernel.

EPSS

0.001

Percentile

34.1%