CVE-2024-44264 | THREATINT

Description

This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Ventura 13.7.1, macOS Sonoma 14.7.1. A malicious app may be able to create symlinks to protected regions of the disk.

PUBLISHED Reserved 2024-08-20 | Published 2024-10-28 | Updated 2025-11-03 | Assigner apple

Problem types

A malicious app may be able to create symlinks to protected regions of the disk

Product status

Any version before 14.7

affected

Any version before 13.7

affected

References

seclists.org/fulldisclosure/2024/Oct/13

seclists.org/fulldisclosure/2024/Oct/12

seclists.org/fulldisclosure/2024/Oct/11

support.apple.com/en-us/121570

support.apple.com/en-us/121568

cve.org (CVE-2024-44264)

nvd.nist.gov (CVE-2024-44264)

Download JSON