PT-2025-3038 · Apple · Apple Macos+4

Var10Ck

Published

2024-12-11

Updated

2025-01-31

CVE-2024-54517

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions macOS versions prior to 15.2 watchOS versions prior to 11.2 tvOS versions prior to 18.2 iOS versions prior to 18.2 iPadOS versions prior to 18.2

Description The issue is related to a buffer overflow in the IOMobileFrameBuffer component of MacOs, tvOS, watchOS, iPadOS, and iOS operating systems. This can allow an attacker to impact the confidentiality, integrity, and availability of protected information. An app may be able to corrupt coprocessor memory.

Recommendations For macOS versions prior to 15.2, update to macOS Sequoia 15.2 to resolve the issue. For watchOS versions prior to 11.2, update to watchOS 11.2 to resolve the issue. For tvOS versions prior to 18.2, update to tvOS 18.2 to resolve the issue. For iOS versions prior to 18.2, update to iOS 18.2 to resolve the issue. For iPadOS versions prior to 18.2, update to iPadOS 18.2 to resolve the issue.

Fix

Memory Corruption

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787

Related Identifiers

BDU:2025-01497

CVE-2024-54517

Affected Products

Apple Macos

Ios

Ipados

Tvos

Watchos

PT-2025-3038 · Apple · Apple Macos+4

CVE-2024-54517

Weakness Enumeration

Related Identifiers

Affected Products

References · 10