CVE-2024-27880

Description

An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in iOS 17.7 and iPadOS 17.7, visionOS 2, watchOS 11, macOS Sequoia 15, iOS 18 and iPadOS 18, macOS Sonoma 14.7, tvOS 18. Processing a maliciously crafted file may lead to unexpected app termination.

PUBLISHED Reserved 2024-02-26 | Published 2024-09-16 | Updated 2025-11-04 | Assigner apple

Problem types

Processing a maliciously crafted file may lead to unexpected app termination

Product status

References

seclists.org/fulldisclosure/2024/Sep/40

seclists.org/fulldisclosure/2024/Sep/39

seclists.org/fulldisclosure/2024/Sep/36

seclists.org/fulldisclosure/2024/Sep/33

seclists.org/fulldisclosure/2024/Sep/32

support.apple.com/en-us/121238

support.apple.com/en-us/121248

support.apple.com/en-us/121249

support.apple.com/en-us/121246

support.apple.com/en-us/121250

support.apple.com/en-us/121247

support.apple.com/en-us/121240

cve.org (CVE-2024-27880)

nvd.nist.gov (CVE-2024-27880)

Download JSON