CVE-2017-8248
critical
CVSS v3
9.8
CVSS v2
10.0
VIR risk
9.8
Description
A buffer overflow may occur in the processing of a downlink NAS message in Qualcomm Telephony as used in Apple iPhone 5 and later, iPad 4th generation and later, iPod touch 6th generation.
Predictions
Exploit likelihood
97%
Patch ETA
—
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
No vendor mitigations ingested yet for this CVE. The mitigation-content worker queues fetches as references arrive — check back in a few minutes, or see the references list below.
OS impact
| OS | Version | Status | Fixed in |
|---|---|---|---|
| macos | affected | |
References
- http://seclists.org/fulldisclosure/2017/Jul/34
- http://www.securityfocus.com/bid/106128
- http://www.securityfocus.com/bid/99891
- http://www.securitytracker.com/id/1038950
- http://seclists.org/fulldisclosure/2017/Jul/34
- http://www.securityfocus.com/bid/106128
- http://www.securityfocus.com/bid/99891
- http://www.securitytracker.com/id/1038950
CWEs
CWE-119
Verify integrity in audit chain (admin only). AS-IS.