The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.7.4, macOS Ventura 13.6.5, macOS Sonoma 14.4, iOS 17.4 and iPadOS 17.4, tvOS 17.4. An app may be able to execute arbitrary code with kernel privileges.
References
Link | Resource |
---|---|
http://seclists.org/fulldisclosure/2024/Mar/21 | Mailing List |
http://seclists.org/fulldisclosure/2024/Mar/22 | Mailing List |
http://seclists.org/fulldisclosure/2024/Mar/23 | Mailing List |
http://seclists.org/fulldisclosure/2024/Mar/25 | Mailing List |
https://support.apple.com/en-us/HT214081 | Vendor Advisory |
https://support.apple.com/en-us/HT214083 | Vendor Advisory |
https://support.apple.com/en-us/HT214084 | Vendor Advisory |
https://support.apple.com/en-us/HT214085 | Vendor Advisory |
https://support.apple.com/en-us/HT214086 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
14 Mar 2024, 19:06
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.8 |
First Time |
Apple ipad Os
Apple Apple tvos Apple macos Apple iphone Os |
|
CPE | cpe:2.3:o:apple:ipad_os:*:*:*:*:*:*:*:* cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:* cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:* cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:* |
|
CWE | NVD-CWE-noinfo | |
References | () http://seclists.org/fulldisclosure/2024/Mar/21 - Mailing List | |
References | () http://seclists.org/fulldisclosure/2024/Mar/22 - Mailing List | |
References | () http://seclists.org/fulldisclosure/2024/Mar/23 - Mailing List | |
References | () http://seclists.org/fulldisclosure/2024/Mar/25 - Mailing List | |
References | () https://support.apple.com/en-us/HT214081 - Vendor Advisory | |
References | () https://support.apple.com/en-us/HT214083 - Vendor Advisory | |
References | () https://support.apple.com/en-us/HT214084 - Vendor Advisory | |
References | () https://support.apple.com/en-us/HT214085 - Vendor Advisory | |
References | () https://support.apple.com/en-us/HT214086 - Vendor Advisory |
13 Mar 2024, 23:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
13 Mar 2024, 22:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
13 Mar 2024, 21:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
08 Mar 2024, 14:02
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
08 Mar 2024, 02:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-03-08 02:15
Updated : 2024-08-09 16:35
NVD link : CVE-2024-23270
Mitre link : CVE-2024-23270
CVE.ORG link : CVE-2024-23270
JSON object : View
Products Affected
apple
- ipad_os
- macos
- iphone_os
- tvos
CWE