CVE-2024-44160

Published: Sep 17, 2024Modified: Apr 2, 2026

5.5

Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Exploitability: 1.8 / Impact: 3.6

Source: NVD

Description

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15, macOS Sonoma 14.7, macOS Ventura 13.7. Processing a maliciously crafted texture may lead to unexpected app termination.

Affected (2)

Products: Apple: Macos

Apple

1 product

Macos

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Apple Macos	From 13.0 to 13.7
Apple Macos	From 14.0 to 14.7

Related CWEs

CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

CWE-400

Uncontrolled Resource Consumption

The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.

References (6)

https://support.apple.com/en-us/121234

Source: product-security@apple.com

Vendor Advisory

https://support.apple.com/en-us/121238

Source: product-security@apple.com

Vendor Advisory

https://support.apple.com/en-us/121247

Source: product-security@apple.com

Vendor Advisory

http://seclists.org/fulldisclosure/2024/Sep/33

Source: af854a3a-2127-422b-91ae-364da2661108

http://seclists.org/fulldisclosure/2024/Sep/40

Source: af854a3a-2127-422b-91ae-364da2661108

http://seclists.org/fulldisclosure/2024/Sep/41

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.