Impact: Processing a maliciously crafted font may result in the disclosure of process memoryĭescription: A memory corruption issue was addressed with improved input validation. Impact: Decompiling an AppleScript with osadecompile may lead to arbitrary code executionĭescription: A validation issue was addressed with improved input sanitization. Impact: An application may be able to execute arbitrary code with system privilegesĭescription: A memory corruption issue was addressed with improved memory handling.ĬVE-2017-13800: Sergej Schumilo of Ruhr-University Bochum This issue was addressed by limiting the time the FileVault decryption buffers are DMA mapped to the duration of the I/O operation.
Impact: A malicious Thunderbolt adapter may be able to recover unencrypted APFS filesystem dataĭescription: An issue existed in the handling of DMA.
Available for: macOS Sierra 10.12.6, OS X El Capitan 10.11.6ĭescription: Multiple issues were addressed by updating to version 2.4.27.
