A race condition was addressed with improved locking. This issue is fixed in macOS Ventura 13.7, iOS 17.7 and iPadOS 17.7, visionOS 2, iOS 18 and iPadOS 18, macOS Sonoma 14.7, macOS Sequoia 15. Unpacking a maliciously crafted archive may allow an attacker to write arbitrary files.
Metrics
Affected Vendors & Products
References
History
Tue, 17 Sep 2024 20:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Apple
Apple ipados Apple iphone Os Apple macos Apple visionos |
|
Weaknesses | CWE-362 | |
CPEs | cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:* cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:* cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:* cpe:2.3:o:apple:visionos:*:*:*:*:*:*:*:* |
|
Vendors & Products |
Apple
Apple ipados Apple iphone Os Apple macos Apple visionos |
|
Metrics |
cvssV3_1
|
Mon, 16 Sep 2024 23:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | A race condition was addressed with improved locking. This issue is fixed in macOS Ventura 13.7, iOS 17.7 and iPadOS 17.7, visionOS 2, iOS 18 and iPadOS 18, macOS Sonoma 14.7, macOS Sequoia 15. Unpacking a maliciously crafted archive may allow an attacker to write arbitrary files. | |
References |
|
MITRE
Status: PUBLISHED
Assigner: apple
Published: 2024-09-16T23:23:00.127Z
Updated: 2024-09-17T19:39:13.222Z
Reserved: 2024-02-26T15:32:28.543Z
Link: CVE-2024-27876
Vulnrichment
Updated: 2024-09-17T19:30:53.485Z
NVD
Status : Analyzed
Published: 2024-09-17T00:15:48.127
Modified: 2024-12-12T16:10:16.487
Link: CVE-2024-27876
Redhat
No data.