OpenCVE

This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Ventura 13.6.7, macOS Monterey 12.7.5, iOS 16.7.8 and iPadOS 16.7.8, tvOS 17.5, visionOS 1.2, iOS 17.5 and iPadOS 17.5, watchOS 10.5, macOS Sonoma 14.5. Processing a maliciously crafted message may lead to a denial-of-service.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact High

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact partial

Vendors	Products
Apple	Ios Ipad Os Ipados Iphone Os Macos Tvos Visionos Watchos

Configuration 1 [-]

OR	cpe:2.3:o:apple:ipados::::::::
	cpe:2.3:o:apple:ipados::::::::
	cpe:2.3:o:apple:iphone_os::::::::
	cpe:2.3:o:apple:iphone_os::::::::
	cpe:2.3:o:apple:macos::::::::
	cpe:2.3:o:apple:macos::::::::
	cpe:2.3:o:apple:macos::::::::
	cpe:2.3:o:apple:tvos::::::::
	cpe:2.3:o:apple:visionos::::::::
	cpe:2.3:o:apple:watchos::::::::

No data.

References

Link	Providers
http://seclists.org/fulldisclosure/2024/Jun/5
https://support.apple.com/en-us/HT214100
https://support.apple.com/en-us/HT214101
https://support.apple.com/en-us/HT214102
https://support.apple.com/en-us/HT214104
https://support.apple.com/en-us/HT214105
https://support.apple.com/en-us/HT214106
https://support.apple.com/en-us/HT214107
https://support.apple.com/en-us/HT214108
https://support.apple.com/kb/HT214100
https://support.apple.com/kb/HT214101
https://support.apple.com/kb/HT214102
https://support.apple.com/kb/HT214104
https://support.apple.com/kb/HT214105
https://support.apple.com/kb/HT214106
https://support.apple.com/kb/HT214107
https://support.apple.com/kb/HT214108

History

No history.

MITRE

Status: PUBLISHED

Assigner: apple

Published: 2024-06-10T20:56:44.028Z

Updated: 2024-08-02T00:41:55.224Z

Reserved: 2024-02-26T15:32:28.516Z

Link: CVE-2024-27800

Vulnrichment

Updated: 2024-06-11T14:57:24.198Z

NVD

Status : Modified

Published: 2024-06-10T21:15:49.683

Modified: 2024-07-03T01:50:51.033

Link: CVE-2024-27800

Redhat

No data.

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact High

User Interaction Required

Exploitation none

Automatable no

Technical Impact partial

Affected Vendors & Products

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact High

User Interaction Required

Exploitation none

Automatable no

Technical Impact partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object