CVE-2024-23258Out-of-bounds Read in Apple Macos

CWE-125Out-of-bounds Read5 documents4 sources
Severity
7.8HIGHNVD
EPSS
0.0%
top 85.60%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Apple MacosApple Visionos
Timeline
PublishedMar 8

Description

An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Sonoma 14.4, visionOS 1.1. Processing an image may lead to arbitrary code execution.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages4 packages

CVEListV5apple/macos< 14.4
NVDapple/macos14.014.4
CVEListV5apple/visionos< 1.1
NVDapple/visionos< 1.1

🔴Vulnerability Details

2
CVEList
CVE-2024-23258: An out-of-bounds read was addressed with improved input validation2024-03-08
GHSA
GHSA-rf7r-2hr8-m287: An out-of-bounds read was addressed with improved input validation2024-03-08

📋Vendor Advisories

2
Apple
CVE-2024-23258: visionOS 1.12024-03-07
Apple
CVE-2024-23258: macOS Sonoma 14.42024-03-07
CVE-2024-23258 — Out-of-bounds Read in Apple Macos | cvebase