CVE-2024-27836
published 2024-06-10CVE-2024-27836: The issue was addressed with improved checks. This issue is fixed in iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5, visionOS 1.2. Processing a maliciously…
high7.8CVSS 3.1
AVLACLPRNUIRSUCHIHAH
The issue was addressed with improved checks. This issue is fixed in iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5, visionOS 1.2. Processing a maliciously crafted image may lead to arbitrary code execution.
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | ios_17.5_and_ipados | — | — |
| apple | ios_and_ipados | < 17.5 | 17.5 |
| apple | ipados | < 17.5 | 17.5 |
| apple | iphone_os | < 17.5 | 17.5 |
| apple | macos | < 14.5 | 14.5 |
| apple | macos_sonoma | — | — |
| apple | visionos | < 1.2 | 1.2 |
| apple | visionos | — | — |
Apple
CVE-2024-27836: visionOS 1.2
vendor_apple·2024-06-10·CVSS 7.8
CVE-2024-27836 [HIGH] CVE-2024-27836: visionOS 1.2
Apple Security Update: About the security content of visionOS 1.2
Product: visionOS
Version: 1.2
CVE: CVE-2024-27836
Component: ImageIO
Impact: Processing a maliciously crafted image may lead to arbitrary code execution
Description: The issue was addressed with improved checks.
Apple
CVE-2024-27836: iOS 17.5 and iPadOS 17.5
vendor_apple·2024-05-13·CVSS 7.8
CVE-2024-27836 [HIGH] CVE-2024-27836: iOS 17.5 and iPadOS 17.5
Apple Security Update: About the security content of iOS 17.5 and iPadOS 17.5
Product: iOS 17.5 and iPadOS
Version: 17.5
CVE: CVE-2024-27836
Component: ImageIO
Impact: Processing a maliciously crafted image may lead to arbitrary code execution
Description: The issue was addressed with improved checks.
Apple
CVE-2024-27836: macOS Sonoma 14.5
vendor_apple·2024-05-13·CVSS 7.8
CVE-2024-27836 [HIGH] CVE-2024-27836: macOS Sonoma 14.5
Apple Security Update: About the security content of macOS Sonoma 14.5
Product: macOS Sonoma
Version: 14.5
CVE: CVE-2024-27836
Component: ImageIO
Impact: Processing a maliciously crafted image may lead to arbitrary code execution
Description: The issue was addressed with improved checks.
GHSA
GHSA-hv3w-wgcx-8ggg: The issue was addressed with improved checks
ghsa_unreviewed·2024-06-10
CVE-2024-27836 [HIGH] CWE-787 GHSA-hv3w-wgcx-8ggg: The issue was addressed with improved checks
The issue was addressed with improved checks. This issue is fixed in visionOS 1.2, macOS Sonoma 14.5, iOS 17.5 and iPadOS 17.5. Processing a maliciously crafted image may lead to arbitrary code execution.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://support.apple.com/en-us/120903https://support.apple.com/en-us/120905https://support.apple.com/en-us/120906http://seclists.org/fulldisclosure/2024/Jun/5https://support.apple.com/en-us/HT214101https://support.apple.com/en-us/HT214106https://support.apple.com/en-us/HT214108https://support.apple.com/kb/HT214101https://support.apple.com/kb/HT214106https://support.apple.com/kb/HT214108
2024-06-10
Published