CVE-2024-23296

A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 17.4 and iPadOS 17.4. An attacker with arbitrary kernel read and write capability may be able to bypass kernel memory protections. Apple is aware of a report that this issue may have been exploited.

CVSS v3 7.8 HIGH

7.8^/10

CVSS v3 : HIGH

Vector :

Exploitability : 1.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
http://seclists.org/fulldisclosure/2024/Jul/20
http://seclists.org/fulldisclosure/2024/Mar/18	Mailing List Third Party Advisory
http://seclists.org/fulldisclosure/2024/Mar/21	Mailing List Third Party Advisory
http://seclists.org/fulldisclosure/2024/Mar/24	Mailing List Third Party Advisory
http://seclists.org/fulldisclosure/2024/Mar/25	Mailing List Third Party Advisory
http://seclists.org/fulldisclosure/2024/Mar/26	Mailing List Third Party Advisory
http://seclists.org/fulldisclosure/2024/May/11
http://seclists.org/fulldisclosure/2024/May/13
https://support.apple.com/en-us/HT214081	Vendor Advisory
https://support.apple.com/kb/HT214084	Vendor Advisory
https://support.apple.com/kb/HT214086	Vendor Advisory
https://support.apple.com/kb/HT214087	Vendor Advisory
https://support.apple.com/kb/HT214088	Vendor Advisory
https://support.apple.com/kb/HT214100
https://support.apple.com/kb/HT214107
https://support.apple.com/kb/HT214118

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:apple:ipad_os::::::::
	cpe:2.3:o:apple:iphone_os::::::::
	cpe:2.3:o:apple:macos::::::::
	cpe:2.3:o:apple:tvos::::::::
	cpe:2.3:o:apple:visionos::::::::
	cpe:2.3:o:apple:watchos::::::::

History

30 Jul 2024, 01:15

Type	Values Removed	Values Added
References		() http://seclists.org/fulldisclosure/2024/Jul/20 -

29 Jul 2024, 22:15

Type	Values Removed	Values Added
References		() https://support.apple.com/kb/HT214118 -

Information

Published : 2024-03-05 20:16

Updated : 2024-07-30 01:15

NVD link : CVE-2024-23296

Mitre link : CVE-2024-23296

CVE.ORG link : CVE-2024-23296

JSON object : View

Products Affected

apple

tvos
macos
visionos
watchos
ipad_os
iphone_os

CWE

CWE-787

Out-of-bounds Write

{"id": "CVE-2024-23296", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}, {"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}]}, "published": "2024-03-05T20:16:01.553", "references": [{"url": "http://seclists.org/fulldisclosure/2024/Jul/20", "source": "product-security@apple.com"}, {"url": "http://seclists.org/fulldisclosure/2024/Mar/18", "tags": ["Mailing List", "Third Party Advisory"], "source": "product-security@apple.com"}, {"url": "http://seclists.org/fulldisclosure/2024/Mar/21", "tags": ["Mailing List", "Third Party Advisory"], "source": "product-security@apple.com"}, {"url": "http://seclists.org/fulldisclosure/2024/Mar/24", "tags": ["Mailing List", "Third Party Advisory"], "source": "product-security@apple.com"}, {"url": "http://seclists.org/fulldisclosure/2024/Mar/25", "tags": ["Mailing List", "Third Party Advisory"], "source": "product-security@apple.com"}, {"url": "http://seclists.org/fulldisclosure/2024/Mar/26", "tags": ["Mailing List", "Third Party Advisory"], "source": "product-security@apple.com"}, {"url": "http://seclists.org/fulldisclosure/2024/May/11", "source": "product-security@apple.com"}, {"url": "http://seclists.org/fulldisclosure/2024/May/13", "source": "product-security@apple.com"}, {"url": "https://support.apple.com/en-us/HT214081", "tags": ["Vendor Advisory"], "source": "product-security@apple.com"}, {"url": "https://support.apple.com/kb/HT214084", "tags": ["Vendor Advisory"], "source": "product-security@apple.com"}, {"url": "https://support.apple.com/kb/HT214086", "tags": ["Vendor Advisory"], "source": "product-security@apple.com"}, {"url": "https://support.apple.com/kb/HT214087", "tags": ["Vendor Advisory"], "source": "product-security@apple.com"}, {"url": "https://support.apple.com/kb/HT214088", "tags": ["Vendor Advisory"], "source": "product-security@apple.com"}, {"url": "https://support.apple.com/kb/HT214100", "source": "product-security@apple.com"}, {"url": "https://support.apple.com/kb/HT214107", "source": "product-security@apple.com"}, {"url": "https://support.apple.com/kb/HT214118", "source": "product-security@apple.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-787"}]}, {"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-787"}]}], "descriptions": [{"lang": "en", "value": "A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 17.4 and iPadOS 17.4. An attacker with arbitrary kernel read and write capability may be able to bypass kernel memory protections. Apple is aware of a report that this issue may have been exploited."}, {"lang": "es", "value": "Se solucion\u00f3 un problema de corrupci\u00f3n de memoria con una validaci\u00f3n mejorada. Este problema se solucion\u00f3 en iOS 17.4 y iPadOS 17.4. Un atacante con capacidad arbitraria de lectura y escritura del kernel puede eludir las protecciones de la memoria del kernel. Apple tiene conocimiento de un informe que indica que este problema puede haber sido aprovechado."}], "lastModified": "2024-07-30T01:15:12.493", "cisaActionDue": "2024-03-27", "cisaExploitAdd": "2024-03-06", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:apple:ipad_os:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CE5413B9-A1A8-499F-B047-163908202E69", "versionEndExcluding": "17.4"}, {"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BCB4911E-7824-4C34-916D-88110CB415EB", "versionEndExcluding": "17.4"}, {"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "73160D1F-755B-46D2-969F-DF8E43BB1099", "versionEndExcluding": "14.4", "versionStartIncluding": "14.0"}, {"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BB6BA6CB-001B-4440-A9AE-473F5722F8E0", "versionEndExcluding": "17.4"}, {"criteria": "cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EB7F6CDA-FEC0-45D7-ACBE-8B5AD35F1AB5", "versionEndExcluding": "1.1"}, {"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5547F484-4E4B-4961-BAF8-F891D50BB4B6", "versionEndExcluding": "10.4"}], "operator": "OR"}]}], "sourceIdentifier": "product-security@apple.com", "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "cisaVulnerabilityName": "Apple Multiple Products Memory Corruption Vulnerability"}