Arbitrary Kernel-Memory Read Vulnerability in IOUSB Controller

Arbitrary Kernel-Memory Read Vulnerability in IOUSB Controller

CVE-2014-8823 · MEDIUM Severity

AV:L/AC:M/AU:N/C:C/I:N/A:N

The IOUSBControllerUserClient::ReadRegister function in the IOUSB controller in IOUSBFamily in Apple OS X before 10.10.2 allows local users to read data from arbitrary kernel-memory locations by leveraging root access and providing a crafted first argument.

Learn more about our User Device Pen Test.