CVE-2024-27834

The issue was addressed with improved checks. This issue is fixed in iOS 17.5 and iPadOS 17.5, tvOS 17.5, Safari 17.5, watchOS 10.5, macOS Sonoma 14.5. An attacker with arbitrary read and write capability may be able to bypass Pointer Authentication.
Configurations

No configuration.

History

03 Jul 2024, 01:51

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 8.1
CWE CWE-277

22 Jun 2024, 02:15

Type Values Removed Values Added
References
  • () https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ADCLQW54XN37VJZNYD3UKCYATJFIMYXG/ -

19 Jun 2024, 03:15

Type Values Removed Values Added
References
  • () https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WKIXADCW3O4R2OOSDZGPU55XQFE6NA3M/ -

10 Jun 2024, 18:15

Type Values Removed Values Added
References
  • () http://seclists.org/fulldisclosure/2024/May/12 -
  • () http://seclists.org/fulldisclosure/2024/May/16 -
  • () http://seclists.org/fulldisclosure/2024/May/9 -

10 Jun 2024, 17:16

Type Values Removed Values Added
References
  • () http://seclists.org/fulldisclosure/2024/May/10 -
  • () http://www.openwall.com/lists/oss-security/2024/05/21/1 -

10 Jun 2024, 16:15

Type Values Removed Values Added
References
  • () http://seclists.org/fulldisclosure/2024/May/17 -
Summary
  • (es) El problema se solucionó con controles mejorados. Este problema se solucionó en iOS 17.5 y iPadOS 17.5, tvOS 17.5, Safari 17.5, watchOS 10.5, macOS Sonoma 14.5. Un atacante con capacidad de lectura y escritura arbitraria puede eludir la autenticación de puntero.

14 May 2024, 15:13

Type Values Removed Values Added
New CVE

Information

Published : 2024-05-14 15:13

Updated : 2024-07-03 01:51


NVD link : CVE-2024-27834

Mitre link : CVE-2024-27834

CVE.ORG link : CVE-2024-27834


JSON object : View

Products Affected

No product.

CWE
CWE-277

Insecure Inherited Permissions