CVE-2023-27938

Name of the Vulnerable Software and Affected Versions GarageBand versions prior to 10.4.8

Description An out-of-bounds read issue was addressed with improved input validation. Parsing a maliciously crafted MIDI file may lead to an unexpected application termination or arbitrary code execution.

Recommendations For versions prior to 10.4.8, update to GarageBand for macOS 10.4.8 to resolve the issue. As a temporary workaround, consider avoiding the use of maliciously crafted MIDI files until the update is applied.