CVE-2024-40815
published 2024-07-29CVE-2024-40815: A race condition was addressed with additional validation. This issue is fixed in iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6, macOS Ventura 13.6.8, tvOS 17.6…
high7.5CVSS 3.1
AVNACHPRLUINSUCHIHAH
A race condition was addressed with additional validation. This issue is fixed in iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6, macOS Ventura 13.6.8, tvOS 17.6, watchOS 10.6. A malicious attacker with arbitrary read and write capability may be able to bypass Pointer Authentication.
Affected
13 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | ios_17.6_and_ipados | — | — |
| apple | ios_and_ipados | < 17.6 | 17.6 |
| apple | ipados | < 17.6 | 17.6 |
| apple | iphone_os | < 17.6 | 17.6 |
| apple | macos | < 14.6 | 14.6 |
| apple | macos | < 13.6.8 | 13.6.8 |
| apple | macos | >= 14.0 < 14.6 | 14.6 |
| apple | macos_sonoma | — | — |
| apple | macos_ventura | — | — |
| apple | tvos | < 17.6 | 17.6 |
| apple | tvos | — | — |
| apple | watchos | < 10.6 | 10.6 |
| apple | watchos | — | — |