|CVSS SCORE||6.9, (AV:L/AC:M/Au:N/C:C/I:C/A:C)|
The specific flaw exists within the handling of DspFuncLib. The issue lies in the failure to remove a reference after freeing an object. An attacker can leverage this vulnerability to escalate privileges and execute code under the context of the kernel.
Apple has issued an update to correct this vulnerability. More details can be found at:
|CREDIT||Juwei Lin of Trend Micro