Buffer Overflow Vulnerability in Apple's Operating Systems
CVE-2024-44144

5.5MEDIUM

Key Information:

Vendor

Apple
Status
Watch OS
TV OS
iPhone OS
iPad OS
Vendor
CVE Published:
28 October 2024

What is CVE-2024-44144?

A buffer overflow vulnerability was discovered in Apple's operating systems, which could potentially disrupt application functioning. This flaw arises from improper size validation when processing a maliciously crafted file, leading to unexpected application termination. Users are encouraged to upgrade to the latest versions—iOS 17.7.1, iPadOS 17.7.1, macOS Sequoia 15, macOS Sonoma 14.7.1, tvOS 18, watchOS 11, visionOS 2, iOS 18, and iPadOS 18—to mitigate any risks associated with this vulnerability.

References

https://support.apple.com/en-us/121238
https://support.apple.com/en-us/121570
https://support.apple.com/en-us/121248

CVSS V3.1

Score:
5.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

.