CVE-2024-27802
Apple macOS Metal Framework KTX Image Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.6.7, macOS Monterey 12.7.5, iOS 16.7.8 and iPadOS 16.7.8, tvOS 17.5, visionOS 1.2, iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5. Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution.
Se solucionó una lectura fuera de los límites con una validación de entrada mejorada. Este problema se solucionó en macOS Ventura 13.6.7, macOS Monterey 12.7.5, iOS 16.7.8 y iPadOS 16.7.8, tvOS 17.5, visionOS 1.2, iOS 17.5 y iPadOS 17.5, macOS Sonoma 14.5. El procesamiento de un archivo creado con fines malintencionados puede provocar la finalización inesperada de la aplicación o la ejecución de código arbitrario.
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. Interaction with the Metal framework is required to exploit this vulnerability but attack vectors may vary depending on the implementation.
The specific flaw exists within the Metal framework. Crafted data in a KTX image can trigger a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process.
CVSS Scores
SSVC
- Decision:Track*
Timeline
- 2024-02-26 CVE Reserved
- 2024-06-10 CVE Published
- 2024-08-06 CVE Updated
- 2024-08-26 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-125: Out-of-bounds Read
- CWE-787: Out-of-bounds Write
CAPEC
References (15)
| URL | Tag | Source |
|---|---|---|
| http://seclists.org/fulldisclosure/2024/Jun/5 | Mailing List |
|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://support.apple.com/en-us/HT214100 | 2024-07-02 | |
| https://support.apple.com/en-us/HT214101 | 2024-07-02 | |
| https://support.apple.com/en-us/HT214102 | 2024-07-02 | |
| https://support.apple.com/en-us/HT214105 | 2024-07-02 | |
| https://support.apple.com/en-us/HT214106 | 2024-07-02 | |
| https://support.apple.com/en-us/HT214107 | 2024-07-02 | |
| https://support.apple.com/en-us/HT214108 | 2024-07-02 | |
| https://support.apple.com/kb/HT214100 | 2024-07-02 | |
| https://support.apple.com/kb/HT214101 | 2024-07-02 | |
| https://support.apple.com/kb/HT214102 | 2024-07-02 | |
| https://support.apple.com/kb/HT214105 | 2024-07-02 | |
| https://support.apple.com/kb/HT214106 | 2024-07-02 | |
| https://support.apple.com/kb/HT214107 | 2024-07-02 | |
| https://support.apple.com/kb/HT214108 | 2024-07-02 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Apple Search vendor "Apple" | Ipados Search vendor "Apple" for product "Ipados" | < 16.7.8 Search vendor "Apple" for product "Ipados" and version " < 16.7.8" | - |
Affected
| ||||||
| Apple Search vendor "Apple" | Ipados Search vendor "Apple" for product "Ipados" | >= 17.0 < 17.5 Search vendor "Apple" for product "Ipados" and version " >= 17.0 < 17.5" | - |
Affected
| ||||||
| Apple Search vendor "Apple" | Iphone Os Search vendor "Apple" for product "Iphone Os" | < 16.7.8 Search vendor "Apple" for product "Iphone Os" and version " < 16.7.8" | - |
Affected
| ||||||
| Apple Search vendor "Apple" | Iphone Os Search vendor "Apple" for product "Iphone Os" | >= 17.0 < 17.5 Search vendor "Apple" for product "Iphone Os" and version " >= 17.0 < 17.5" | - |
Affected
| ||||||
| Apple Search vendor "Apple" | Macos Search vendor "Apple" for product "Macos" | < 12.7.5 Search vendor "Apple" for product "Macos" and version " < 12.7.5" | - |
Affected
| ||||||
| Apple Search vendor "Apple" | Macos Search vendor "Apple" for product "Macos" | >= 13.0 < 13.6.7 Search vendor "Apple" for product "Macos" and version " >= 13.0 < 13.6.7" | - |
Affected
| ||||||
| Apple Search vendor "Apple" | Macos Search vendor "Apple" for product "Macos" | >= 14.0 < 14.5 Search vendor "Apple" for product "Macos" and version " >= 14.0 < 14.5" | - |
Affected
| ||||||
| Apple Search vendor "Apple" | Tvos Search vendor "Apple" for product "Tvos" | < 17.5 Search vendor "Apple" for product "Tvos" and version " < 17.5" | - |
Affected
| ||||||
| Apple Search vendor "Apple" | Visionos Search vendor "Apple" for product "Visionos" | < 1.2 Search vendor "Apple" for product "Visionos" and version " < 1.2" | - |
Affected
| ||||||