Buffer Overflow Vulnerability in Apple's Operating Systems
CVE-2024-44144

5.5MEDIUM

Key Information:

Vendor: Apple
Status: Watch OS; TV OS; iPhone OS; iPad OS
Vendor: CVE Published:; 28 October 2024

Summary

A buffer overflow vulnerability was discovered in Apple's operating systems, which could potentially disrupt application functioning. This flaw arises from improper size validation when processing a maliciously crafted file, leading to unexpected application termination. Users are encouraged to upgrade to the latest versions—iOS 17.7.1, iPadOS 17.7.1, macOS Sequoia 15, macOS Sonoma 14.7.1, tvOS 18, watchOS 11, visionOS 2, iOS 18, and iPadOS 18—to mitigate any risks associated with this vulnerability.

References

https://support.apple.com/en-us/121238

https://support.apple.com/en-us/121570

https://support.apple.com/en-us/121248

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Oct 28, 2024