PT-2019-19117 · Apple · Apple Macos

Phoenhex

Published

2019-05-30

Updated

2019-12-23

CVE-2019-8606

CVSS v3.1

7.0

High

Vector

AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Apple macOS versions prior to 10.14.5

Description A validation issue existed in the handling of symlinks, which has been addressed with improved validation. This could have allowed a local user to load unsigned kernel extensions, potentially leading to privilege escalation.

Recommendations For versions prior to 10.14.5, update to macOS Mojave 10.14.5 to resolve the issue.

Fix

Race Condition

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-362

Related Identifiers

CVE-2019-8606

ZDI-19-541

Affected Products

Apple Macos

PT-2019-19117 · Apple · Apple Macos

CVE-2019-8606

Weakness Enumeration

Related Identifiers

Affected Products

References · 4