A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.6. An app with root privileges may be able to execute arbitrary code with kernel privileges.
References
| Link | Resource |
|---|---|
| http://seclists.org/fulldisclosure/2024/Jul/18 | Mailing List |
| https://support.apple.com/en-us/HT214119 | Vendor Advisory |
| http://seclists.org/fulldisclosure/2024/Jul/18 | Mailing List |
| https://support.apple.com/en-us/HT214119 | Vendor Advisory |
Configurations
History
10 Dec 2024, 15:14
| Type | Values Removed | Values Added |
|---|---|---|
| References | () http://seclists.org/fulldisclosure/2024/Jul/18 - Mailing List | |
| References | () https://support.apple.com/en-us/HT214119 - Vendor Advisory | |
| CPE | cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:* | |
| First Time |
Apple
Apple macos |
|
| CWE | CWE-120 | |
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.7 |
21 Nov 2024, 09:05
| Type | Values Removed | Values Added |
|---|---|---|
| References | () http://seclists.org/fulldisclosure/2024/Jul/18 - | |
| References | () https://support.apple.com/en-us/HT214119 - |
01 Aug 2024, 14:35
| Type | Values Removed | Values Added |
|---|---|---|
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.5 |
01 Aug 2024, 13:48
| Type | Values Removed | Values Added |
|---|---|---|
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.8 |
30 Jul 2024, 13:32
| Type | Values Removed | Values Added |
|---|---|---|
| Summary |
|
30 Jul 2024, 02:15
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
29 Jul 2024, 23:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2024-07-29 23:15
Updated : 2025-03-13 20:15
NVD link : CVE-2024-27878
Mitre link : CVE-2024-27878
CVE.ORG link : CVE-2024-27878
JSON object : View
Products Affected
apple
- macos
CWE
CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')