CCE-95283-8| Platform: cpe:/o:apple:mac_os_11 | Date: (C)2022-12-28 (M)2023-07-04 |
Library Validation protects processes from loading arbitrary libraries, root from becoming more powerful (root may load arbitrary libraries into any process depending on SIP status).
Running without Library Validation on a production system runs the risk of the modification of system binaries or code injection of system processes that would otherwise be protected by Library Validation.
System binaries and processes could load arbitrary libraries.
Fix:
/usr/bin/defaults write /Library/Preferences/com.apple.security.librarayvalidation DisableLibraryValidation -bool false
Parameter:
[yes/no]
Technical Mechanism:
/usr/bin/defaults write /Library/Preferences/com.apple.security.librarayvalidation DisableLibraryValidation -bool false
| CCSS Severity: | CCSS Metrics: |
| CCSS Score : 8.4 | Attack Vector: LOCAL |
| Exploit Score: 2.5 | Attack Complexity: LOW |
| Impact Score: 5.9 | Privileges Required: NONE |
| Severity: HIGH | User Interaction: NONE |
| Vector: AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | Scope: UNCHANGED |
| | Confidentiality: HIGH |
| | Integrity: HIGH |
| | Availability: HIGH |
| | |
References: | Resource Id | Reference |
|---|
| SCAP Repo OVAL Definition | oval:org.secpod.oval:def:80377 |
