CVE-2024-44233

The issue was addressed with improved bounds checks. This issue is fixed in macOS Sonoma 14.7.1, macOS Ventura 13.7.1, visionOS 2.1, watchOS 11.1, tvOS 18.1, iOS 17.7.1 and iPadOS 17.7.1, iOS 18.1 and iPadOS 18.1. Parsing a maliciously crafted video file may lead to unexpected system termination.
References
Link Resource
https://support.apple.com/en-us/121563 Release Notes Vendor Advisory
https://support.apple.com/en-us/121565 Release Notes Vendor Advisory
https://support.apple.com/en-us/121566 Release Notes Vendor Advisory
https://support.apple.com/en-us/121567 Release Notes Vendor Advisory
https://support.apple.com/en-us/121568 Release Notes Vendor Advisory
https://support.apple.com/en-us/121569 Release Notes Vendor Advisory
https://support.apple.com/en-us/121570 Release Notes Vendor Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:ipados:18.0:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:18.0:-:*:*:*:*:*:*
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*

History

04 Nov 2024, 22:35

Type Values Removed Values Added
CWE CWE-120
Summary
  • (es) El problema se solucionó con comprobaciones de límites mejoradas. Este problema se solucionó en macOS Sonoma 14.7.1, macOS Ventura 13.7.1, visionOS 2.1, watchOS 11.1, tvOS 18.1, iOS 17.7.1 y iPadOS 17.7.1, iOS 18.1 y iPadOS 18.1. El análisis de un archivo de video creado con fines malintencionados puede provocar la finalización inesperada del sistema.

04 Nov 2024, 14:42

Type Values Removed Values Added
References () https://support.apple.com/en-us/121563 - () https://support.apple.com/en-us/121563 - Release Notes, Vendor Advisory
References () https://support.apple.com/en-us/121565 - () https://support.apple.com/en-us/121565 - Release Notes, Vendor Advisory
References () https://support.apple.com/en-us/121566 - () https://support.apple.com/en-us/121566 - Release Notes, Vendor Advisory
References () https://support.apple.com/en-us/121567 - () https://support.apple.com/en-us/121567 - Release Notes, Vendor Advisory
References () https://support.apple.com/en-us/121568 - () https://support.apple.com/en-us/121568 - Release Notes, Vendor Advisory
References () https://support.apple.com/en-us/121569 - () https://support.apple.com/en-us/121569 - Release Notes, Vendor Advisory
References () https://support.apple.com/en-us/121570 - () https://support.apple.com/en-us/121570 - Release Notes, Vendor Advisory
CPE cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:18.0:-:*:*:*:*:*:*
cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:ipados:18.0:*:*:*:*:*:*:*
CWE NVD-CWE-noinfo
First Time Apple ipados
Apple iphone Os
Apple
Apple tvos
Apple macos
Apple watchos
Apple visionos
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 5.5

01 Nov 2024, 21:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-11-01 21:15

Updated : 2024-11-04 22:35


NVD link : CVE-2024-44233

Mitre link : CVE-2024-44233

CVE.ORG link : CVE-2024-44233


JSON object : View

Products Affected

apple

  • iphone_os
  • visionos
  • ipados
  • macos
  • tvos
  • watchos
CWE
NVD-CWE-noinfo CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')