An issue was discovered in certain Apple products. iOS before 11.2.5 is affected. macOS before 10.13.3 is affected. tvOS before 11.2.5 is affected. watchOS before 4.2.2 is affected. The issue involves the "Kernel" component. A race condition allows attackers to bypass intended memory-read restrictions via a crafted app.
http://www.securityfocus.com/bid/102782
http://www.securitytracker.com/id/1040265
http://www.securitytracker.com/id/1040267
https://support.apple.com/HT208462
https://support.apple.com/HT208463
Source: MITRE
Published: 2018-04-03
Updated: 2018-05-04
Type: CWE-362
Base Score: 2.6
Vector: AV:N/AC:H/Au:N/C:P/I:N/A:N
Impact Score: 2.9
Exploitability Score: 4.9
Severity: LOW
Base Score: 4.7
Vector: CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
Impact Score: 3.6
Exploitability Score: 1
Severity: MEDIUM