CVE-2016-7607

Name of the Vulnerable Software and Affected Versions iOS versions prior to 10.2 macOS versions prior to 10.12.2 watchOS versions prior to 3.1.3

Description The issue involves the Kernel component, which allows attackers to obtain sensitive information from kernel memory via a crafted app. This is related to the lack of protection for service data in the Kernel component of iOS and Mac OS X operating systems. Exploitation of the issue may allow a remote attacker to obtain confidential information from kernel memory using a specially crafted application.

Recommendations For iOS versions prior to 10.2, update to version 10.2 or later. For macOS versions prior to 10.12.2, update to version 10.12.2 or later. For watchOS versions prior to 3.1.3, update to version 3.1.3 or later. As a temporary workaround, consider restricting the use of the Kernel component until a patch is available. Avoid using crafted apps that may exploit the issue in the Kernel component.