An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. watchOS before 4.3 is affected. The issue involves the "CoreFoundation" component. A race condition allows attackers to execute arbitrary code in a privileged context via a crafted app.
https://support.apple.com/HT208696
https://support.apple.com/HT208693
https://support.apple.com/HT208692
http://www.securitytracker.com/id/1040608