CVE-2024-27808

Name of the Vulnerable Software and Affected Versions Safari versions prior to 17.5 tvOS versions prior to 17.5 visionOS versions prior to 1.2 iOS versions prior to 17.5 iPadOS versions prior to 17.5 watchOS versions prior to 10.5 macOS Sonoma versions prior to 14.5

Description The issue is related to improved memory handling and may lead to arbitrary code execution when processing web content. It is associated with access to a memory cell before the start of a buffer in WPE WebKit and WebKitGTK modules, which can allow a remote attacker to access confidential data, compromise its integrity, and cause a denial of service.

Recommendations For Safari versions prior to 17.5, update to version 17.5 or later. For tvOS versions prior to 17.5, update to version 17.5 or later. For visionOS versions prior to 1.2, update to version 1.2 or later. For iOS versions prior to 17.5, update to version 17.5 or later. For iPadOS versions prior to 17.5, update to version 17.5 or later. For watchOS versions prior to 10.5, update to version 10.5 or later. For macOS Sonoma versions prior to 14.5, update to version 14.5 or later.