CVE-2024-44302

The issue was addressed with improved checks. This issue is fixed in tvOS 18.1, iOS 18.1 and iPadOS 18.1, iOS 17.7.1 and iPadOS 17.7.1, macOS Ventura 13.7.1, macOS Sonoma 14.7.1, watchOS 11.1, visionOS 2.1. Processing a maliciously crafted font may result in the disclosure of process memory.
References
Link Resource
https://support.apple.com/en-us/121563 Release Notes Vendor Advisory
https://support.apple.com/en-us/121565 Release Notes Vendor Advisory
https://support.apple.com/en-us/121566 Release Notes Vendor Advisory
https://support.apple.com/en-us/121567 Release Notes Vendor Advisory
https://support.apple.com/en-us/121568 Release Notes Vendor Advisory
https://support.apple.com/en-us/121569 Release Notes Vendor Advisory
https://support.apple.com/en-us/121570 Release Notes Vendor Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:ipados:18.0:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:18.0:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*

History

30 Oct 2024, 17:49

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 5.5
CPE cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:ipados:18.0:*:*:*:*:*:*:*
cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:18.0:*:*:*:*:*:*:*
First Time Apple ipados
Apple watchos
Apple visionos
Apple
Apple tvos
Apple macos
Apple iphone Os
References () https://support.apple.com/en-us/121563 - () https://support.apple.com/en-us/121563 - Release Notes, Vendor Advisory
References () https://support.apple.com/en-us/121565 - () https://support.apple.com/en-us/121565 - Release Notes, Vendor Advisory
References () https://support.apple.com/en-us/121566 - () https://support.apple.com/en-us/121566 - Release Notes, Vendor Advisory
References () https://support.apple.com/en-us/121567 - () https://support.apple.com/en-us/121567 - Release Notes, Vendor Advisory
References () https://support.apple.com/en-us/121568 - () https://support.apple.com/en-us/121568 - Release Notes, Vendor Advisory
References () https://support.apple.com/en-us/121569 - () https://support.apple.com/en-us/121569 - Release Notes, Vendor Advisory
References () https://support.apple.com/en-us/121570 - () https://support.apple.com/en-us/121570 - Release Notes, Vendor Advisory
CWE NVD-CWE-noinfo

29 Oct 2024, 14:34

Type Values Removed Values Added
Summary
  • (es) El problema se solucionó con comprobaciones mejoradas. Este problema se solucionó en tvOS 18.1, iOS 18.1 y iPadOS 18.1, iOS 17.7.1 y iPadOS 17.7.1, macOS Ventura 13.7.1, macOS Sonoma 14.7.1, watchOS 11.1 y visionOS 2.1. El procesamiento de una fuente manipulada con fines malintencionados puede provocar la divulgación de la memoria del proceso.

28 Oct 2024, 21:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-10-28 21:15

Updated : 2024-10-30 17:49


NVD link : CVE-2024-44302

Mitre link : CVE-2024-44302

CVE.ORG link : CVE-2024-44302


JSON object : View

Products Affected

apple

  • macos
  • ipados
  • watchos
  • tvos
  • iphone_os
  • visionos