ID

VAR-201707-1193

CVE

CVE-2017-7035

TITLE

Apple macOS of Intel Graphics Driver Component vulnerable to arbitrary code execution in privileged context

DESCRIPTION

An issue was discovered in certain Apple products. macOS before 10.12.6 is affected. The issue involves the "Intel Graphics Driver" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. Apple macOS is prone to multiple security vulnerabilities. Attackers can exploit these issues to execute arbitrary code or bypass security restrictions and perform unauthorized actions. This may aid in further attacks. Apple macOS Sierra is a dedicated operating system developed by Apple for Mac computers. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2017-07-19-2 macOS 10.12.6 macOS 10.12.6 is now available and addresses the following: afclip Available for: macOS Sierra 10.12.5 Impact: Processing a maliciously crafted audio file may lead to arbitrary code execution Description: A memory corruption issue was addressed through improved input validation. CVE-2017-7016: riusksk (ae3aY=) of Tencent Security Platform Department afclip Available for: macOS Sierra 10.12.5 Impact: Processing a maliciously crafted audio file may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-7033: riusksk (ae3aY=) of Tencent Security Platform Department AppleGraphicsPowerManagement Available for: macOS Sierra 10.12.5, OS X El Capitan v10.11.6, and OS X Yosemite v10.10.5 Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-7021: sss and Axis of Qihoo 360 Nirvan Team Audio Available for: macOS Sierra 10.12.5 Impact: Processing a maliciously crafted audio file may disclose restricted memory Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-7050: Min (Spark) Zheng of Alibaba Inc. CVE-2017-7054: Lufeng Li of Qihoo 360 Vulcan Team, Alex Plaskett of MWR InfoSecurity Contacts Available for: macOS Sierra 10.12.5 Impact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution Description: A buffer overflow issue was addressed through improved memory handling. CVE-2017-7062: Shashank (@cyberboyIndia) CoreAudio Available for: macOS Sierra 10.12.5 Impact: Processing a maliciously crafted movie file may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved bounds checking. CVE-2017-7008: Yangkang (@dnpushme) of Qihoo 360 Qex Team curl Available for: macOS Sierra 10.12.5 Impact: Multiple issues in curl Description: Multiple issues were addressed by updating to version 7.54.0. CVE-2016-9586 CVE-2016-9594 CVE-2017-2629 CVE-2017-7468 Foundation Available for: macOS Sierra 10.12.5, OS X El Capitan v10.11.6, and OS X Yosemite v10.10.5 Impact: Processing a maliciously crafted file may lead to arbitrary code execution Description: A memory corruption issue was addressed through improved input validation. CVE-2017-7014: Axis and sss of Qihoo 360 Nirvan Team, Lee of Minionz CVE-2017-7017: chenqin of Ant-financial Light-Year Security Lab (eeeaea*'ae-aa1'a(r)a"a(r)eaa(r)$?) CVE-2017-7035: shrek_wzw of Qihoo 360 Nirvan Team CVE-2017-7044: shrek_wzw of Qihoo 360 Nirvan Team Intel Graphics Driver Available for: macOS Sierra 10.12.5 Impact: An application may be able to read restricted memory Description: A validation issue was addressed with improved input sanitization. CVE-2017-7036: shrek_wzw of Qihoo 360 Nirvan Team CVE-2017-7045: shrek_wzw of Qihoo 360 Nirvan Team IOUSBFamily Available for: macOS Sierra 10.12.5, OS X El Capitan v10.11.6, and OS X Yosemite v10.10.5 Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-7009: shrek_wzw of Qihoo 360 Nirvan Team Kernel Available for: macOS Sierra 10.12.5, OS X El Capitan v10.11.6, and OS X Yosemite v10.10.5 Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-7022: an anonymous researcher CVE-2017-7024: an anonymous researcher Kernel Available for: macOS Sierra 10.12.5, OS X El Capitan v10.11.6, and OS X Yosemite v10.10.5 Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-7026: an anonymous researcher Kernel Available for: macOS Sierra 10.12.5, OS X El Capitan v10.11.6, and OS X Yosemite v10.10.5 Impact: An application may be able to read restricted memory Description: A validation issue was addressed with improved input sanitization. CVE-2017-7028: an anonymous researcher CVE-2017-7029: an anonymous researcher CVE-2017-7067: shrek_wzw of Qihoo 360 Nirvan Team kext tools Available for: macOS Sierra 10.12.5, OS X El Capitan v10.11.6, and OS X Yosemite v10.10.5 Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-7032: Axis and sss of Qihoo 360 Nirvan Team libarchive Available for: macOS Sierra 10.12.5 Impact: Unpacking a maliciously crafted archive may lead to arbitrary code execution Description: A buffer overflow was addressed through improved bounds checking. CVE-2017-7068: found by OSS-Fuzz libxml2 Available for: macOS Sierra 10.12.5, OS X El Capitan v10.11.6, and OS X Yosemite v10.10.5 Impact: Parsing a maliciously crafted XML document may lead to disclosure of user information Description: An out-of-bounds read was addressed through improved bounds checking. CVE-2017-7047: Ian Beer of Google Project Zero Wi-Fi Available for: macOS Sierra 10.12.5 Impact: An attacker within range may be able to execute arbitrary code on the Wi-Fi chip Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-9417: Nitay Artenstein of Exodus Intelligence Additional recognition curl We would like to acknowledge Dave Murdock of Tangerine Element for their assistance. Installation note: macOS 10.12.6 may be obtained from the Mac App Store or Apple's Software Downloads web site: https://www.apple.com/support/downloads/ Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJZb5VSAAoJEIOj74w0bLRGe3QP/2EYqCofq3zbIdr8qyzqkFea S7TLjRwnRulKBO4/Cj4Qfkc5wp8g4gd6qs0SjpfHIMw5XWwwGSxtljQ+zPhd8Zie AtwDPcjNpNKzcdgs1guEUwkv9gLgDbS6xbCUEnld00lURTAWxtMEP3Ue5chaJMn7 GpYQx8ZDZ15D8cjbtvIYHjmhTEutiqWB0EAcEvuM3ov54oC7qlu7vpXzevcLw9j6 YwZZJz2MSIlhpQh466qBr1Eay+EdTF69D0F18Jlpx9M+QejpHBLy08vk3UypXkqs Jjf/FmqrSuSZrPwU+WOYaps6AvZ+pDMnJIBuWDw1BaI5hrx3KA8eyGSlzedTM7DG r+myZHjIt4EOuSK6rOyZnmTLJM7/gWOm4CpPPbyDNd10nJm5oDWuZnqMlBcC4X/8 99ks/lXKbxtwTVL4AHDb0+rKJ2N9Try5togURREkAC5cI/97+zKzQ9Qobu4iC8MN Yo9dwDDP77vxANrGAUbEJSAWBR+tkLJw1jIJhIXeb/Hhayw4J02qo6RzO9bMotcx RhsNAr3ZN/REBBzinUR13o605W7I3ktRZlc1K8aVQqj4doRLCUAw0TJXs2/4pkKI hdueKoFsS66nbgoThU6VmAkyPfYubvJuDEaZ5wzS1CZOHZSr2Hy5//YfY9UhRcBu RN8FF9CraIvShvn0urgd =wnAu -----END PGP SIGNATURE-----

AFFECTED PRODUCTS

CVSS

PROBLEMTYPE DATA

THREAT TYPE

remote

TYPE

buffer overflow

CONFIGURATIONS

PATCH

EXTERNAL IDS

REFERENCES

CREDITS

Axis and sss of Qihoo 360 Nirvan Team, Lee of Minionz, riusksk, chenqin of Ant-financial Light-Year Security Lab, HappilyCoded (ant4g0nist and r3dsm0k3), shrek_wzw of Qihoo 360 Nirvan Team, Min (Spark) Zheng of Alibaba Inc, Lufeng Li of Qihoo 360 Vulcan Te

SOURCES

LAST UPDATE DATE

2025-04-20T21:07:43.394000+00:00

SOURCES UPDATE DATE

SOURCES RELEASE DATE