The issue was addressed with improved checks. This issue is fixed in iOS 17.5 and iPadOS 17.5, tvOS 17.5, Safari 17.5, watchOS 10.5, macOS Sonoma 14.5. An attacker with arbitrary read and write capability may be able to bypass Pointer Authentication.
History

Thu, 12 Dec 2024 15:00:00 +0000

Type Values Removed Values Added
First Time appeared Apple ipados
CPEs cpe:2.3:o:apple:ipad_os:*:*:*:*:*:*:*:* cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
Vendors & Products Apple ipad Os
Apple ipados

Mon, 09 Dec 2024 19:45:00 +0000

Type Values Removed Values Added
First Time appeared Apple
Apple ipad Os
Apple iphone Os
Apple macos
Apple safari
Apple tvos
Apple watchos
Fedoraproject
Fedoraproject fedora
Webkitgtk
Webkitgtk webkitgtk
Wpewebkit
Wpewebkit wpe Webkit
Weaknesses NVD-CWE-noinfo
CPEs cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*
cpe:2.3:a:webkitgtk:webkitgtk:*:*:*:*:*:*:*:*
cpe:2.3:a:wpewebkit:wpe_webkit:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:ipad_os:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:40:*:*:*:*:*:*:*
Vendors & Products Apple
Apple ipad Os
Apple iphone Os
Apple macos
Apple safari
Apple tvos
Apple watchos
Fedoraproject
Fedoraproject fedora
Webkitgtk
Webkitgtk webkitgtk
Wpewebkit
Wpewebkit wpe Webkit
Metrics cvssV3_1

{'score': 8.1, 'vector': 'CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H'}

cvssV3_1

{'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N'}


Tue, 29 Oct 2024 02:30:00 +0000

Type Values Removed Values Added
First Time appeared Redhat
Redhat enterprise Linux
CPEs cpe:/a:redhat:enterprise_linux:8
cpe:/a:redhat:enterprise_linux:9
Vendors & Products Redhat
Redhat enterprise Linux

cve-icon MITRE

Status: PUBLISHED

Assigner: apple

Published: 2024-05-13T23:00:50.836Z

Updated: 2024-08-02T00:41:55.789Z

Reserved: 2024-02-26T15:32:28.527Z

Link: CVE-2024-27834

cve-icon Vulnrichment

Updated: 2024-08-02T00:41:55.789Z

cve-icon NVD

Status : Analyzed

Published: 2024-05-14T15:13:06.953

Modified: 2024-12-12T14:33:00.640

Link: CVE-2024-27834

cve-icon Redhat

Severity : Important

Publid Date: 2024-05-21T00:00:00Z

Links: CVE-2024-27834 - Bugzilla