7.5
CVE-2024-27840
- EPSS 0.25%
- Veröffentlicht 10.06.2024 21:15:51
- Zuletzt bearbeitet 02.04.2026 19:17:31
- Quelle product-security@apple.com
- CVE-Watchlists
- Unerledigt
The issue was addressed with improved memory handling. This issue is fixed in iOS 16.7.8 and iPadOS 16.7.8, iOS 17.5 and iPadOS 17.5, macOS Monterey 12.7.5, macOS Ventura 13.6.7, tvOS 17.5, visionOS 1.2, watchOS 10.5. An attacker that has already achieved kernel code execution may be able to bypass kernel memory protections.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.25% | 0.162 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.3 | 1.8 | 4 |
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N
|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.5 | 0.8 | 6 |
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
|
CWE-786 Access of Memory Location Before Start of Buffer
The product reads or writes to a buffer using an index or pointer that references a memory location prior to the beginning of the buffer.
https://support.apple.com/kb/HT214107
https://support.apple.com/kb/HT214100
https://support.apple.com/kb/HT214101
https://support.apple.com/en-us/HT214105
https://support.apple.com/kb/HT214105
https://support.apple.com/en-us/HT214100
https://support.apple.com/en-us/HT214107
https://support.apple.com/en-us/HT214101
https://support.apple.com/en-us/HT214102
https://support.apple.com/en-us/HT214104
https://support.apple.com/kb/HT214102
https://support.apple.com/kb/HT214104
http://seclists.org/fulldisclosure/2024/Jun/5
https://support.apple.com/en-us/HT214108
https://support.apple.com/kb/HT214108
https://support.apple.com/en-us/120898
https://support.apple.com/en-us/120901
https://support.apple.com/en-us/120902
https://support.apple.com/en-us/120905
https://support.apple.com/en-us/120906
https://support.apple.com/en-us/120899
https://support.apple.com/en-us/120900