Lucene search

AppleVULNRICHMENT:CVE-2024-27823

HistoryJul 29, 2024 - 10:16 p.m.

CVE-2024-27823

2024-07-2922:16:47

apple

github.com

race condition

apple

macos

ios

ipados

watchos

visionos

tvos

cve-2024-27823

network packets spoofing

AI Score

5.1

Confidence

Low

EPSS

0.001

Percentile

46.7%

SSVC

Exploitation

none

Automatable

Technical Impact

partial

JSON

A race condition was addressed with improved locking. This issue is fixed in macOS Sonoma 14.5, iOS 16.7.8 and iPadOS 16.7.8, macOS Ventura 13.6.7, watchOS 10.5, visionOS 1.3, tvOS 17.5, iOS 17.5 and iPadOS 17.5, macOS Monterey 12.7.5. An attacker in a privileged network position may be able to spoof network packets.

CNA Affected

[
  {
    "vendor": "Apple",
    "product": "iOS and iPadOS",
    "versions": [
      {
        "status": "affected",
        "version": "unspecified",
        "lessThan": "17.5",
        "versionType": "custom"
      }
    ]
  },
  {
    "vendor": "Apple",
    "product": "iOS and iPadOS",
    "versions": [
      {
        "status": "affected",
        "version": "unspecified",
        "lessThan": "16.7",
        "versionType": "custom"
      }
    ]
  },
  {
    "vendor": "Apple",
    "product": "macOS",
    "versions": [
      {
        "status": "affected",
        "version": "unspecified",
        "lessThan": "13.6",
        "versionType": "custom"
      }
    ]
  },
  {
    "vendor": "Apple",
    "product": "macOS",
    "versions": [
      {
        "status": "affected",
        "version": "unspecified",
        "lessThan": "14.5",
        "versionType": "custom"
      }
    ]
  },
  {
    "vendor": "Apple",
    "product": "macOS",
    "versions": [
      {
        "status": "affected",
        "version": "unspecified",
        "lessThan": "12.7",
        "versionType": "custom"
      }
    ]
  },
  {
    "vendor": "Apple",
    "product": "watchOS",
    "versions": [
      {
        "status": "affected",
        "version": "unspecified",
        "lessThan": "10.5",
        "versionType": "custom"
      }
    ]
  },
  {
    "vendor": "Apple",
    "product": "visionOS",
    "versions": [
      {
        "status": "affected",
        "version": "unspecified",
        "lessThan": "1.3",
        "versionType": "custom"
      }
    ]
  },
  {
    "vendor": "Apple",
    "product": "tvOS",
    "versions": [
      {
        "status": "affected",
        "version": "unspecified",
        "lessThan": "17.5",
        "versionType": "custom"
      }
    ]
  }
]

References

seclists.org/fulldisclosure/2024/Jul/23

support.apple.com/en-us/HT214100

support.apple.com/en-us/HT214101

support.apple.com/en-us/HT214102

support.apple.com/en-us/HT214104

support.apple.com/en-us/HT214105

support.apple.com/en-us/HT214106

support.apple.com/en-us/HT214107

support.apple.com/en-us/HT214123

support.apple.com/kb/HT214100

support.apple.com/kb/HT214101

support.apple.com/kb/HT214102

support.apple.com/kb/HT214104

support.apple.com/kb/HT214105

support.apple.com/kb/HT214106

support.apple.com/kb/HT214107