A use-after-free issue was addressed with improved memory management. This issue is fixed in GarageBand 10.4.11. Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution.
References
| Link | Resource |
|---|---|
| http://seclists.org/fulldisclosure/2024/Mar/27 | Mailing List |
| https://support.apple.com/en-us/HT214090 | Vendor Advisory |
| http://seclists.org/fulldisclosure/2024/Mar/27 | Mailing List |
| https://support.apple.com/en-us/HT214090 | Vendor Advisory |
Configurations
History
09 Dec 2024, 15:00
| Type | Values Removed | Values Added |
|---|---|---|
| CPE | cpe:2.3:a:apple:garageband:*:*:*:*:*:*:*:* | |
| First Time |
Apple garageband
Apple |
|
| References | () http://seclists.org/fulldisclosure/2024/Mar/27 - Mailing List | |
| References | () https://support.apple.com/en-us/HT214090 - Vendor Advisory |
21 Nov 2024, 08:57
| Type | Values Removed | Values Added |
|---|---|---|
| References | () http://seclists.org/fulldisclosure/2024/Mar/27 - | |
| References | () https://support.apple.com/en-us/HT214090 - |
26 Aug 2024, 15:35
| Type | Values Removed | Values Added |
|---|---|---|
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.8 |
| CWE | CWE-416 |
13 Mar 2024, 22:15
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
13 Mar 2024, 12:33
| Type | Values Removed | Values Added |
|---|---|---|
| Summary |
|
12 Mar 2024, 21:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2024-03-12 21:15
Updated : 2024-12-09 15:00
NVD link : CVE-2024-23300
Mitre link : CVE-2024-23300
CVE.ORG link : CVE-2024-23300
JSON object : View
Products Affected
apple
- garageband
CWE
CWE-416
Use After Free