Lucene search

K
debiancveDebian Security Bug TrackerDEBIANCVE:CVE-2024-40776
HistoryJul 29, 2024 - 11:15 p.m.

CVE-2024-40776

2024-07-2923:15:11
Debian Security Bug Tracker
security-tracker.debian.org
7
use-after-free
memory management
ios 16.7.9
ipados 16.7.9
safari 17.6
watchos 10.6
tvos 17.6
macos sonoma 14.6
unexpected crash
malicious web content
cve-2024-40776
visionos 1.3

CVSS3

4.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

AI Score

6

Confidence

Low

EPSS

0.001

Percentile

44.5%

A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, Safari 17.6, iOS 17.6 and iPadOS 17.6, watchOS 10.6, tvOS 17.6, visionOS 1.3, macOS Sonoma 14.6. Processing maliciously crafted web content may lead to an unexpected process crash.

CVSS3

4.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

AI Score

6

Confidence

Low

EPSS

0.001

Percentile

44.5%