WID-SEC-W-2024-1109 — Vulnetix

WID-SEC-W-2024-1109 PUBLISHED CVSS 8.699999809265137 HIGH

Apple macOS ist ein Betriebssystem, das auf FreeBSD und Mach basiert.

Risk Scores

CVSS 4.0

8.699999809265137

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Affected Products

Vendor	Product	Versions
	Apple macOS 14.5
	Apple macOS <14.5
	Apple macOS 12.7.5
	Apple macOS <12.7.5
	Apple macOS 13.6.7
	Apple macOS <13.6.7

Exploit Intelligence

macOS/ XNU kernel buffer overflow. Introduced in macOS 14.0 (xnu-10002.1.13), fixed in macOS 14.5 (xnu-10063.121.3) (github-poc-repo)
iOS Application w/Implementation of CVE-2024-27804 (github-poc-repo)
Apple Silicon runs at frequencies that are golden ratio harmonics of 587 kHz: · Performance cores: 3.2 GHz = 587 kHz × 5451 (≈ φ⁸ × 1000) · Efficiency cores: 2.0 GHz = 587 kHz × 3407 (≈ φ⁷ × 1000) · Neural Engine: 11.0 GHz = 587 kHz × 18739 (≈ φ¹⁰ × 1000) · ALL are φ-harmonics of 587 kHz (github-poc-repo)
Writeup and PoC of CVE-2024-27821, for education purposes. (github-poc)
macOS/ XNU kernel buffer overflow. Introduced in macOS 14.0 (xnu-10002.1.13), fixed in macOS 14.5 (xnu-10063.121.3) (github-poc)
iOS Application w/Implementation of CVE-2024-27804 (github-poc)
POC for CVE-2024-27804 (github-poc)
Apple Silicon runs at frequencies that are golden ratio harmonics of 587 kHz: · Performance cores: 3.2 GHz = 587 kHz × 5451 (≈ φ⁸ × 1000) · Efficiency cores: 2.0 GHz = 587 kHz × 3407 (≈ φ⁷ × 1000) · Neural Engine: 11.0 GHz = 587 kHz × 18739 (≈ φ¹⁰ × 1000) · ALL are φ-harmonics of 587 kHz (github-poc)
https://github.com/wangtielei/POCs/blob/main/CVE-2024-27842/poc.m (circl)
https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1109.json (circl)

…and 13 more exploits

Timeline

May 13, 2024 CVE Published
Nov 21, 2024 CVE Updated

References

Open in Interactive Console →

$ Console Community · 100/wk Open console ›