CVE-2024-27802

Published: Jun 10, 2024Modified: Apr 2, 2026

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 16.7.8 and iPadOS 16.7.8, iOS 17.5 and iPadOS 17.5, macOS Monterey 12.7.5, macOS Sonoma 14.5, macOS Ventura 13.6.7, tvOS 17.5, visionOS 1.2. Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution.

Affected (9)

Products: Apple: Ipados, Iphone Os, Macos, Tvos, Visionos

5 products

Configuration A

9 vulnerable

Vulnerable Software	Affected Versions
Apple Ipados	Before 16.7.8
Apple Ipados	From 17.0 to 17.5
Apple Iphone Os	Before 16.7.8
Apple Iphone Os	From 17.0 to 17.5
Apple Macos	Before 12.7.5
Apple Macos	From 13.0 to 13.6.7
Apple Macos	From 14.0 to 14.5
Apple Tvos	Before 17.5
Apple Visionos	Before 1.2

Related CWEs

Out-of-bounds Read

The product reads data past the end, or before the beginning, of the intended buffer.

Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

References (22)

https://support.apple.com/en-us/120898

Source: product-security@apple.com

https://support.apple.com/en-us/120899

Source: product-security@apple.com

https://support.apple.com/en-us/120900

Source: product-security@apple.com

https://support.apple.com/en-us/120901

Source: product-security@apple.com

https://support.apple.com/en-us/120903

Source: product-security@apple.com

https://support.apple.com/en-us/120905

Source: product-security@apple.com

https://support.apple.com/en-us/120906

Source: product-security@apple.com

http://seclists.org/fulldisclosure/2024/Jun/5

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

https://support.apple.com/en-us/HT214100

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://support.apple.com/en-us/HT214101

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://support.apple.com/en-us/HT214102

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://support.apple.com/en-us/HT214105

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://support.apple.com/en-us/HT214106

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://support.apple.com/en-us/HT214107

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://support.apple.com/en-us/HT214108

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://support.apple.com/kb/HT214100

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://support.apple.com/kb/HT214101

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://support.apple.com/kb/HT214102

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://support.apple.com/kb/HT214105

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://support.apple.com/kb/HT214106

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://support.apple.com/kb/HT214107

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://support.apple.com/kb/HT214108

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.