|CVSS SCORE||6.9, (AV:L/AC:M/Au:N/C:C/I:C/A:C)|
The specific flaw exists within the dtrace facility. The issue lies with the failure to validate user-supplied chunk size values which can lead to arbitrary read and write of memory. An attacker can leverage this vulnerability to escalate privileges and execute code under the context of the kernel.
Apple has issued an update to correct this vulnerability. More details can be found at: