Lufeng Li

Name of the Vulnerable Software and Affected Versions: macOS versions prior to 10.14 Description: A memory corruption issue was addressed with improved memory handling. Recommendations: For versions prior to 10.14, update to macOS Mojave 10.14 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** iOS versions prior to 11.1 macOS versions prior to 10.13.1 tvOS versions prior to 11.1 watchOS versions prior to 4.1 **Description** The issue involves the `Kernel` component and allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. This is due to a buffer overflow in memory, which can be exploited by a remote attacker to achieve the aforementioned outcomes. **Recommendations** For iOS versions prior to 11.1, update to version 11.1 or later. For macOS versions prior to 10.13.1, update to version 10.13.1 or later. For tvOS versions prior to 11.1, update to version 11.1 or later. For watchOS versions prior to 4.1, update to version 4.1 or later.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to 10.12.6 **Description** The issue involves the `Bluetooth` component and allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. This is caused by a buffer overflow in memory. **Recommendations** For macOS versions prior to 10.12.6, update to version 10.12.6 or later to resolve the issue. As a temporary workaround, consider disabling the `Bluetooth` component until a patch is available.

**Name of the Vulnerable Software and Affected Versions** iOS versions prior to 10.3 macOS versions prior to 10.12.4 **Description** The issue involves the `Kernel` component and allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. This is caused by a buffer overflow in memory, which can be exploited by a remote attacker to achieve the aforementioned effects. **Recommendations** For iOS versions prior to 10.3, update to version 10.3 or later to resolve the issue. For macOS versions prior to 10.12.4, update to version 10.12.4 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** iOS versions prior to 10.3 macOS versions prior to 10.12.4 tvOS versions prior to 10.2 watchOS versions prior to 3.2 **Description** The issue involves the Kernel component and allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. This is due to a buffer overflow in the Kernel component of the operating systems, which can be exploited by a remote attacker to execute arbitrary code or cause a denial of service. **Recommendations** For iOS versions prior to 10.3, update to version 10.3 or later. For macOS versions prior to 10.12.4, update to version 10.12.4 or later. For tvOS versions prior to 10.2, update to version 10.2 or later. For watchOS versions prior to 3.2, update to version 3.2 or later.

**Name of the Vulnerable Software and Affected Versions** Apple iOS versions prior to 10 Apple OS X versions prior to 10.12 Apple tvOS versions prior to 10 Apple watchOS versions prior to 3 **Description** The issue allows attackers to execute arbitrary code in a privileged context or cause a denial of service via a crafted app, resulting in an invalid pointer dereference. **Recommendations** For Apple iOS versions prior to 10, update to version 10 or later. For Apple OS X versions prior to 10.12, update to version 10.12 or later. For Apple tvOS versions prior to 10, update to version 10 or later. For Apple watchOS versions prior to 3, update to version 3 or later.

**Name of the Vulnerable Software and Affected Versions** iOS versions prior to 9.3 OS X versions prior to 10.11.4 **Description** The issue is related to errors in pointer dereferencing in the kernel of the operating systems, which can be exploited by attackers to execute arbitrary code in a privileged context or cause a denial of service via a crafted app. **Recommendations** For iOS versions prior to 9.3, update to version 9.3 or later. For OS X versions prior to 10.11.4, update to version 10.11.4 or later.

**Name of the Vulnerable Software and Affected Versions** Apple iOS versions prior to 9.3 Apple OS X versions prior to 10.11.4 Apple tvOS versions prior to 9.2 Apple watchOS versions prior to 2.2 **Description** The issue allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. It is caused by a buffer overflow in the kernel of the operating systems. **Recommendations** For Apple iOS versions prior to 9.3, update to version 9.3 or later. For Apple OS X versions prior to 10.11.4, update to version 10.11.4 or later. For Apple tvOS versions prior to 9.2, update to version 9.2 or later. For Apple watchOS versions prior to 2.2, update to version 2.2 or later.

**Name of the Vulnerable Software and Affected Versions** Mac OS X and iOS (affected versions not specified) **Description** The issue is related to errors in the code of Mac OS X and iOS operating systems. It can be exploited by a remote attacker using a specially crafted application to cause a denial of service. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Mac OS X and iOS (affected versions not specified) **Description** The issue is related to errors in the code of Mac OS X and iOS. It can be exploited by a remote attacker using a specially crafted application to cause a denial of service. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** iOS versions prior to 9 **Description** The issue is caused by a buffer overflow in the libpthread component of the iOS kernel. This can be exploited by a local attacker to gain elevated privileges or cause a denial of service, resulting in memory corruption. **Recommendations** For iOS versions prior to 9, update to version 9 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Apple iOS versions prior to 8.4.1 Apple OS X versions prior to 10.10.5 **Description** The issue allows remote attackers to execute arbitrary code or cause a denial of service, resulting in memory corruption and application crash, by leveraging the use of an AF INET6 socket. This is caused by a buffer overflow in the Libinfo library. **Recommendations** For Apple iOS versions prior to 8.4.1, update to version 8.4.1 or later to resolve the issue. For Apple OS X versions prior to 10.10.5, update to version 10.10.5 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** libpthread in Apple iOS versions prior to 8.4.1 libpthread in Apple OS X versions prior to 10.10.5 **Description** The issue allows attackers to execute arbitrary code in a privileged context or cause a denial of service due to memory corruption. This can be achieved via an app that uses a crafted syscall to interfere with locking. The vulnerability is caused by a buffer overflow in the libpthread library. Exploitation may enable a remote attacker to execute arbitrary code in a privileged context or cause a denial of service using a specially crafted application that utilizes a system call to the locking interface. **Recommendations** For iOS versions prior to 8.4.1, update to version 8.4.1 or later. For OS X versions prior to 10.10.5, update to version 10.10.5 or later.

**Name of the Vulnerable Software and Affected Versions** Microsoft Windows XP versions SP2 and SP3 Microsoft Windows Server 2003 version SP2 Microsoft Windows Vista version SP2 Microsoft Windows Server 2008 versions SP2, R2, and R2 SP1 Microsoft Windows 7 versions Gold and SP1 **Description** The issue arises from improper validation of callback parameters during the creation of a hook procedure in the Windows kernel-mode driver. This allows local users to gain privileges via a crafted application. An attacker who successfully exploits this issue could run arbitrary code in kernel mode, enabling them to install programs, view, change, or delete data, or create new accounts with full user rights. **Recommendations** For Microsoft Windows XP versions SP2 and SP3, update to a newer version that includes the fix for this issue. For Microsoft Windows Server 2003 version SP2, update to a newer version that includes the fix for this issue. For Microsoft Windows Vista version SP2, update to a newer version that includes the fix for this issue. For Microsoft Windows Server 2008 versions SP2, R2, and R2 SP1, update to a newer version that includes the fix for this issue. For Microsoft Windows 7 versions Gold and SP1, update to a newer version that includes the fix for this issue.

**Name of the Vulnerable Software and Affected Versions** Microsoft Windows XP versions SP2 through SP3 Microsoft Windows Server 2003 version SP2 **Description** An issue exists in the Remote Access Service NDISTAPI driver where it improperly validates user-supplied input when passing data from user mode to the Windows kernel. This allows a local attacker to execute arbitrary code and take complete control of an affected system, enabling them to install programs, view, change, or delete data, or create new accounts with full user rights. **Recommendations** For Microsoft Windows XP versions SP2 through SP3, update to a version that includes the fix for this issue. For Microsoft Windows Server 2003 version SP2, update to a version that includes the fix for this issue. As a temporary workaround, consider restricting access to the NDISTAPI driver to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Kingsoft Antivirus versions 2010.04.26.648 and earlier **Description** The issue is related to a buffer overflow in the kavfm.sys component. This can be exploited by local users to execute arbitrary code by providing a long argument to the IOCTL 0x80030004. **Recommendations** For Kingsoft Antivirus versions 2010.04.26.648 and earlier, consider updating to a newer version that addresses this issue. As a temporary workaround, restrict access to the IOCTL 0x80030004 to minimize the risk of exploitation.