CVE-2017-13905
published 2021-12-23CVE-2017-13905: A race condition was addressed with additional validation. This issue is fixed in tvOS 11.2, iOS 11.2, macOS High Sierra 10.13.2, Security Update 2017-002…
high8.1CVSS 3.1
AVNACHPRNUINSUCHIHAH
A race condition was addressed with additional validation. This issue is fixed in tvOS 11.2, iOS 11.2, macOS High Sierra 10.13.2, Security Update 2017-002 Sierra, and Security Update 2017-005 El Capitan, watchOS 4.2. An application may be able to gain elevated privileges.
Affected
16 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | ios | — | — |
| apple | iphone_os | < 11.2 | 11.2 |
| apple | mac_os_x | — | — |
| apple | mac_os_x | — | — |
| apple | mac_os_x | >= 10.11 < 10.11.6 | 10.11.6 |
| apple | mac_os_x | >= 10.12 < 10.12.6 | 10.12.6 |
| apple | macos | < 10.13.2 | 10.13.2 |
| apple | macos | >= unspecified < 10.13 | 10.13 |
| apple | macos | >= unspecified < 11.2 | 11.2 |
| apple | macos_high_sierra_10.13.2_security_update_2017-002_sierra_and_security_update_20 | — | — |
| apple | tvos | < 11.2 | 11.2 |
| apple | tvos | — | — |
| apple | tvos | >= unspecified < 11.2 | 11.2 |
| apple | watchos | < 4.2 | 4.2 |
| apple | watchos | — | — |
| apple | watchos | >= unspecified < 4.2 | 4.2 |
Apple
CVE-2017-13905: macOS High Sierra 10.13.2, Security Update 2017-002 Sierra, and Security Update 2017-005 El Capitan
vendor_apple·2017-12-06·CVSS 8.1
CVE-2017-13905 [HIGH] CVE-2017-13905: macOS High Sierra 10.13.2, Security Update 2017-002 Sierra, and Security Update 2017-005 El Capitan
Apple Security Update: About the security content of macOS High Sierra 10.13.2, Security Update 2017-002 Sierra, and Security Update 2017-005 El Capitan
Product: macOS High Sierra 10.13.2, Security Update 2017-002 Sierra, and Security Update 2017-005 El Capitan
CVE: CVE-2017-13905
Component: Auto Unlock
Impact: An application may be able to gain elevated privileges
Description: A race condition was addressed with additional validation.
Apple
CVE-2017-13905: watchOS 4.2
vendor_apple·2017-12-05·CVSS 8.1
CVE-2017-13905 [HIGH] CVE-2017-13905: watchOS 4.2
Apple Security Update: About the security content of watchOS 4.2
Product: watchOS
Version: 4.2
CVE: CVE-2017-13905
Component: Auto Unlock
Impact: An application may be able to gain elevated privileges
Description: A race condition was addressed with additional validation.
Apple
CVE-2017-13905: tvOS 11.2
vendor_apple·2017-12-04·CVSS 8.1
CVE-2017-13905 [HIGH] CVE-2017-13905: tvOS 11.2
Apple Security Update: About the security content of tvOS 11.2
Product: tvOS
Version: 11.2
CVE: CVE-2017-13905
Component: Auto Unlock
Impact: An application may be able to gain elevated privileges
Description: A race condition was addressed with additional validation.
Apple
CVE-2017-13905: iOS 11.2
vendor_apple·2017-12-02·CVSS 8.1
CVE-2017-13905 [HIGH] CVE-2017-13905: iOS 11.2
Apple Security Update: About the security content of iOS 11.2
Product: iOS
Version: 11.2
CVE: CVE-2017-13905
Component: Auto Unlock
Impact: An application may be able to gain elevated privileges
Description: A race condition was addressed with additional validation.
GHSA
GHSA-rv5x-972c-94h5: A race condition was addressed with additional validation
ghsa_unreviewed·2021-12-24
CVE-2017-13905 [HIGH] CWE-362 GHSA-rv5x-972c-94h5: A race condition was addressed with additional validation
A race condition was addressed with additional validation. This issue is fixed in tvOS 11.2, iOS 11.2, macOS High Sierra 10.13.2, Security Update 2017-002 Sierra, and Security Update 2017-005 El Capitan, watchOS 4.2. An application may be able to gain elevated privileges.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://support.apple.com/en-us/HT208325https://support.apple.com/en-us/HT208327https://support.apple.com/en-us/HT208331https://support.apple.com/en-us/HT208334https://support.apple.com/en-us/HT208325https://support.apple.com/en-us/HT208327https://support.apple.com/en-us/HT208331https://support.apple.com/en-us/HT208334
2021-12-23
Published