PT-2024-7944 · Apple+7 · Visionos+14

Jeff Johnson

·

Published

2024-05-13

·

Updated

2025-11-25

·

CVE-2024-27820

CVSS v2.0

10

High

VectorAV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions tvOS versions prior to 17.5 iOS versions prior to 17.5 iPadOS versions prior to 17.5 visionOS versions prior to 1.2 Safari versions prior to 17.5 watchOS versions prior to 10.5 macOS Sonoma versions prior to 14.5
Description The issue is related to improved memory handling and may lead to arbitrary code execution when processing web content. A remote attacker may exploit this issue to access confidential data, compromise data integrity, and cause a denial of service.
Recommendations For tvOS versions prior to 17.5, update to tvOS 17.5. For iOS versions prior to 17.5, update to iOS 17.5. For iPadOS versions prior to 17.5, update to iPadOS 17.5. For visionOS versions prior to 1.2, update to visionOS 1.2. For Safari versions prior to 17.5, update to Safari 17.5. For watchOS versions prior to 10.5, update to watchOS 10.5. For macOS Sonoma versions prior to 14.5, update to macOS Sonoma 14.5.

Fix

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-119

Related Identifiers

ALSA-2024:8180
ALSA-2024:9636
BDU:2024-09449
CESA-2024_9636
CVE-2024-27820
DSA-5695-1
INFSA-2024_8180
INFSA-2024_9636
MGASA-2025-0313
OPENSUSE-SU-2024_3752-1
OPENSUSE-SU-2024_3869-1
RHSA-2024:8180
RHSA-2024:8492
RHSA-2024:8496
RHSA-2024:9636
RHSA-2024:9646
RHSA-2024:9653
RHSA-2024:9679
RHSA-2024:9680
RHSA-2024_8180
RHSA-2024_9636
RHSA-2025:10364
RLSA-2024:8180
RLSA-2024:9636
SUSE-SU-2024:3751-1
SUSE-SU-2024:3752-1
SUSE-SU-2024:3869-1
SUSE-SU-2024:3870-1

Affected Products

Almalinux
Astra Linux
Centos
Debian
Apple Macos
Red Hat
Rocky Linux
Safari
Suse
Ios
Ipados
Macos Sonoma
Tvos
Visionos
Watchos