- Description
- A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 17.4 and iPadOS 17.4. An attacker with arbitrary kernel read and write capability may be able to bypass kernel memory protections. Apple is aware of a report that this issue may have been exploited.
- Source
- product-security@apple.com
- NVD status
- Analyzed
CVSS 3.1
- Type
- Primary
- Base score
- 7.8
- Impact score
- 5.9
- Exploitability score
- 1.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
Data from CISA
- Vulnerability name
- Apple Multiple Products Memory Corruption Vulnerability
- Exploit added on
- Mar 6, 2024
- Exploit action due
- Mar 27, 2024
- Required action
- Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
- Hype score
- Not currently trending
➕ Apple’dan Kritik Güvenlik Açıkları İçin Acil Güncelleme ▪️ Apple, CVE-2024-23225 ve CVE-2024-23296 sıfırıncı gün açıklarını gidermek için iOS ve iPadOS güncellemeleri yayımladı. Bu açıklar, saldırganlara çekirdek belleği koruma önlemlerini aşma imkanı sağlıyordu. iPhone XS ve…
@fokusplusnet
20 Nov 2024
462 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Entonces teóricamente ahora con el nuevo bypass de PAC usando CVE-2024-40815, el bypass de SPTM con cve-2024-23296 y la vulnerabilidad de kernel CVE-2024-23208 que ya tiene un POC ya debería ser posible hacer un JB en iOS 17.0-17.2.1 🤔
@DanielSu121
2 Nov 2024
7285 Impressions
3 Retweets
26 Likes
10 Bookmarks
3 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:ipad_os:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B64F27E9-49AB-4A68-A617-9D88A28AD5F6",
"versionEndExcluding": "16.7.8"
},
{
"criteria": "cpe:2.3:o:apple:ipad_os:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E9F4BB50-D14B-4807-8F38-69ADFCE433BC",
"versionEndExcluding": "17.4",
"versionStartIncluding": "17.0"
},
{
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0EDF6AF0-A238-47E5-9A9D-F6FDB832DD8C",
"versionEndExcluding": "16.7.8"
},
{
"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C2FE8515-300C-4B6F-92A0-7D1E6D93F907",
"versionEndExcluding": "17.4",
"versionStartIncluding": "17.0"
},
{
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EA924D87-8FAE-4E34-83F7-A5E25C7450E5",
"versionEndExcluding": "12.7.6",
"versionStartIncluding": "12.0"
},
{
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2D797210-B0F0-44AE-9028-47C18C22AFA5",
"versionEndExcluding": "13.6.7",
"versionStartIncluding": "13.0"
},
{
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "73160D1F-755B-46D2-969F-DF8E43BB1099",
"versionEndExcluding": "14.4",
"versionStartIncluding": "14.0"
},
{
"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BB6BA6CB-001B-4440-A9AE-473F5722F8E0",
"versionEndExcluding": "17.4"
},
{
"criteria": "cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EB7F6CDA-FEC0-45D7-ACBE-8B5AD35F1AB5",
"versionEndExcluding": "1.1"
},
{
"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5547F484-4E4B-4961-BAF8-F891D50BB4B6",
"versionEndExcluding": "10.4"
}
],
"operator": "OR"
}
]
}
]