Improved Bounds Checks to Mitigate Parsing Vulnerability
CVE-2024-44234
5.5MEDIUM
Key Information
- Vendor
- Apple
- Status
- Mac OS
- Visionos
- iOS And iPad OS
- TV OS
- Vendor
- CVE Published:
- 1 November 2024
Summary
The issue was addressed with improved bounds checks. This issue is fixed in macOS Sonoma 14.7.1, macOS Ventura 13.7.1, visionOS 2.1, watchOS 11.1, tvOS 18.1, iOS 17.7.1 and iPadOS 17.7.1, iOS 18.1 and iPadOS 18.1. Parsing a maliciously crafted video file may lead to unexpected system termination.
Affected Version(s)
macOS < 14.7
visionOS < 2.1
iOS and iPadOS < 17.7
References
CVSS V3.1
Score:
5.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved
Collectors
NVD DatabaseMitre Database