Memory Handling Vulnerability in Apple iOS and iPadOS Products
CVE-2024-44277

7.8HIGH

Key Information:

Vendor: Apple
Status: iPad OS; iPhone OS; Visionos; TV OS
Vendor: CVE Published:; 28 October 2024

Summary

The vulnerability arises from inadequate memory handling within certain Apple operating systems, potentially allowing malicious applications to exploit system resources. This exploitation may lead to unexpected termination of the system or corruption of kernel memory, compromising overall device stability. Apple has addressed this issue in iOS 18.1, iPadOS 18.1, visionOS 2.1, and tvOS 18.1, ensuring improved memory management to mitigate these risks.

References

https://support.apple.com/en-us/121566

https://support.apple.com/en-us/121569

https://support.apple.com/en-us/121563

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Oct 28, 2024