CVE-2016-7620

Name of the Vulnerable Software and Affected Versions macOS versions prior to 10.12.2

Description The issue involves the IOSurface component and allows local users to obtain sensitive kernel memory-layout information via unspecified vectors. This is related to a lack of protection for service data, which can be exploited by a local attacker to access protected information about the kernel memory scheme.

Recommendations For macOS versions prior to 10.12.2, update to version 10.12.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the IOSurface component to minimize the risk of exploitation.