Apple macOS Sonoma vulnerabilities

959 known vulnerabilities affecting apple/macos_sonoma.

Total CVEs: 959
CISA KEV: 11 (actively exploited)
Public exploits: 3
Exploited in wild: 6
Severity breakdown: CRITICAL 73, HIGH 289, MEDIUM 533, LOW 63, UNKNOWN 1

Vulnerabilities

CVE-2024-27815 | HIGH | CVSS 7.8 | v14.5 | 2024-05-13 | apple
Apple Security Update: About the security content of macOS Sonoma 14.5
Product: macOS Sonoma
Version: 14.5
Component: Kernel
Impact: An app may be able to execute arbitrary code with kernel privileges
Description: An out-of-bounds write issue was addressed with improved input validation.

CVE-2024-27848 | HIGH | CVSS 7.8 | v14.5 | 2024-05-13 | apple
Apple Security Update: About the security content of macOS Sonoma 14.5
Product: macOS Sonoma
Version: 14.5
Component: StorageKit
Impact: A malicious app may be able to gain root privileges
Description: This issue was addressed with improved permissions checking.

CVE-2024-27798 | HIGH | CVSS 7.8 | v14.5 | 2024-05-13 | apple
Apple Security Update: About the security content of macOS Sonoma 14.5
Product: macOS Sonoma
Version: 14.5
Component: StorageKit
Impact: An attacker may be able to elevate privileges
Description: An authorization issue was addressed with improved state management.

CVE-2024-27822 | HIGH | CVSS 7.8 | v14.5 | 2024-05-13 | apple
Apple Security Update: About the security content of macOS Sonoma 14.5
Product: macOS Sonoma
Version: 14.5
Component: PackageKit
Impact: An app may be able to gain root privileges
Description: A logic issue was addressed with improved restrictions.

CVE-2024-27832 | HIGH | CVSS 7.8 | v14.5 | 2024-05-13 | apple
Apple Security Update: About the security content of macOS Sonoma 14.5
Product: macOS Sonoma
Version: 14.5
Component: Disk Images
Impact: An app may be able to elevate privileges
Description: The issue was addressed with improved checks.

CVE-2024-27808 | HIGH | CVSS 8.8 | v14.5 | 2024-05-13 | apple
Apple Security Update: About the security content of macOS Sonoma 14.5
Product: macOS Sonoma
Version: 14.5
Component: WebKit
Impact: Processing web content may lead to arbitrary code execution
Description: The issue was addressed with improved memory handling.

CVE-2024-27842 | HIGH | CVSS 7.8 | v14.5 | 2024-05-13 | apple
Apple Security Update: About the security content of macOS Sonoma 14.5
Product: macOS Sonoma
Version: 14.5
Component: Transparency
Impact: An app may be able to access user-sensitive data
Description: This issue was addressed with a new entitlement.

CVE-2024-27802 | HIGH | CVSS 7.8 | v14.5 | 2024-05-13 | apple
Apple Security Update: About the security content of macOS Sonoma 14.5
Product: macOS Sonoma
Version: 14.5
Component: Metal
Impact: Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution
Description: An out-of-bounds read was addressed with improved input validation.

CVE-2024-27855 | HIGH | CVSS 8.8 | v14.5 | 2024-05-13 | apple
Apple Security Update: About the security content of macOS Sonoma 14.5
Product: macOS Sonoma
Version: 14.5
Component: Shortcuts
Impact: A shortcut may be able to use sensitive data with certain actions without prompting the user
Description: The issue was addressed with improved checks.

CVE-2024-27829 | HIGH | CVSS 7.8 | v14.5 | 2024-05-13 | apple
Apple Security Update: About the security content of macOS Sonoma 14.5
Product: macOS Sonoma
Version: 14.5
Component: AppleVA
Impact: Processing a file may lead to unexpected app termination or arbitrary code execution
Description: The issue was addressed with improved memory handling.

CVE-2024-27813 | HIGH | CVSS 8.6 | v14.5 | 2024-05-13 | apple
Apple Security Update: About the security content of macOS Sonoma 14.5
Product: macOS Sonoma
Version: 14.5
Component: PrintCenter
Impact: An app may be able to execute arbitrary code out of its sandbox or with certain elevated privileges
Description: The issue was addressed with improved checks.

CVE-2024-27856 | HIGH | CVSS 7.8 | v14.5 | 2024-05-13 | apple
Apple Security Update: About the security content of macOS Sonoma 14.5
Product: macOS Sonoma
Version: 14.5
Component: WebKit
Impact: Processing a file may lead to unexpected app termination or arbitrary code execution
Description: The issue was addressed with improved checks.

CVE-2024-27825 | HIGH | CVSS 7.1 | v14.5 | 2024-05-13 | apple
Apple Security Update: About the security content of macOS Sonoma 14.5
Product: macOS Sonoma
Version: 14.5
Component: AppleMobileFileIntegrity
Impact: An app may be able to bypass certain Privacy preferences
Description: A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions.

CVE-2024-27857 | HIGH | CVSS 7.8 | v14.5 | 2024-05-13 | apple
Apple Security Update: About the security content of macOS Sonoma 14.5
Product: macOS Sonoma
Version: 14.5
Component: Metal
Impact: A remote attacker may be able to cause unexpected app termination or arbitrary code execution
Description: An out-of-bounds access issue was addressed with improved bounds checking.

CVE-2024-27843 | HIGH | CVSS 7.8 | v14.5 | 2024-05-13 | apple
Apple Security Update: About the security content of macOS Sonoma 14.5
Product: macOS Sonoma
Version: 14.5
Component: SharedFileList
Impact: An app may be able to elevate privileges
Description: A logic issue was addressed with improved checks.

CVE-2024-27820 | HIGH | CVSS 8.8 | v14.5 | 2024-05-13 | apple
Apple Security Update: About the security content of macOS Sonoma 14.5
Product: macOS Sonoma
Version: 14.5
Component: WebKit Web Inspector
Impact: Processing web content may lead to arbitrary code execution
Description: The issue was addressed with improved memory handling.

CVE-2024-27836 | HIGH | CVSS 7.8 | v14.5 | 2024-05-13 | apple
Apple Security Update: About the security content of macOS Sonoma 14.5
Product: macOS Sonoma
Version: 14.5
Component: ImageIO
Impact: Processing a maliciously crafted image may lead to arbitrary code execution
Description: The issue was addressed with improved checks.

CVE-2024-27850 | MEDIUM | CVSS 6.5 | v14.5 | 2024-05-13 | apple
Apple Security Update: About the security content of macOS Sonoma 14.5
Product: macOS Sonoma
Version: 14.5
Component: WebKit
Impact: A maliciously crafted webpage may be able to fingerprint the user
Description: This issue was addressed with improvements to the noise injection algorithm.

CVE-2024-27838 | MEDIUM | CVSS 6.5 | v14.5 | 2024-05-13 | apple
Apple Security Update: About the security content of macOS Sonoma 14.5
Product: macOS Sonoma
Version: 14.5
Component: WebKit
Impact: A maliciously crafted webpage may be able to fingerprint the user
Description: The issue was addressed by adding additional logic.

CVE-2024-27884 | MEDIUM | CVSS 5.5 | v14.5 | 2024-05-13 | apple
Apple Security Update: About the security content of macOS Sonoma 14.5
Product: macOS Sonoma
Version: 14.5
Component: Transparency
Impact: An app may be able to access user-sensitive data
Description: This issue was addressed with a new entitlement.