Zero Address Execution in AppleIntelBDWGraphics (CVE-2015-7076)

  危険度: :
  CVE識別番号: CVE-2015-7076
  情報公開日: 12 11, 2015

  概要

Apple has released a security bulletin which covers several vulnerabilities, including CVE-2015-7076, which our security researcher, Juwei Lin discovered and reported to the said company. Apple has credited Lin for his research contribution.

All systems which run on Mac OS X below 10.11.2 (OS X El Capitan) and Intel Graphics Driver AppleIntelBDWGraphics can be affected by this vulnerability. Note, however, that there are certain systems that installed Intel Graphics Driver AppleIntelBDWGraphics by default.

A local privilege escalation vulnerability exists when Intel Graphics Driver handles a special request from usermode. This vulnerability could let the local user be able to execute arbitrary code with system privileges. While Apple rated this vulnerability low since they employ mitigation technologies such as SMAP/SMEP, an attacker with minimal knowledge of IOKit can develop an exploit to abuse this security hole.

In order for the attackers to infect the vulnerable system, users need to execute a program containing an exploit send via spam email. When users execute this malicious program, it gets local system privilege thus enabling the attackers to control the system. This local privilege escalation vulnerability is typically use as part of an entire attack to enable to bypass sandbox and gain system privilege to do further actions thus compromising its (system) security.

Users are advised to update their systems to the latest Mac OS version.

  影響を受けるソフトウェア

  • Apple OS X El Capitan v10.11
  • Apple OS X El Capitan v10.11.1