|CVSS SCORE||6.9, (AV:L/AC:M/Au:N/C:C/I:C/A:C)|
The specific flaw exists within the handling of the AudioAUUC kernel extension. The issue lies in the failure to check for an integer overflow condition when allocating a buffer. An attacker can leverage this vulnerability to execute code within the context of the kernel.
Apple has issued an update to correct this vulnerability. More details can be found at:
|CREDIT||Jack Tang of Trend Micro (@jacktang310)
Moony Li of Trend Micro