The issue was addressed with improved memory handling. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.4, visionOS 2.4, watchOS 11.4. Processing a maliciously crafted video file may lead to unexpected app termination or corrupt process memory.
During processing of a maliciously crafted video file, improper memory management occurs (CWE-400 — uncontrolled resource consumption), leading to unexpected application termination or process memory corruption. An attacker can trick a victim into opening a crafted video file, for example via a message or website. Apple removed the vulnerability by improving memory handling mechanisms.
An attacker can cause unexpected application closure (denial of service) or process memory corruption, which in combination with a high CVSS score may potentially enable breach of confidentiality, integrity, and availability of data on the device.
Devices must be updated to the following versions: iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.4, visionOS 2.4, watchOS 11.4. Details are available in official Apple security bulletins at the addresses indicated in the references.
iOS and iPadOS prior to version 18.4, iPadOS prior to version 17.7.6, macOS Sequoia prior to version 15.4, macOS Sonoma prior to version 14.7.5, macOS Ventura prior to version 13.7.5, tvOS prior to version 18.4, visionOS prior to version 2.4, watchOS prior to version 11.4
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HApple iPadOS
OSApple< 17.7.618.0 – 18.4 (bez)Apple iOS
OSApple< 18.4Apple macOS
OSApple13.0 – 13.7.5 (bez)14.0 – 14.7.5 (bez)15.0 – 15.4 (bez)Apple tvOS
OSApple< 18.4Apple Visionos
OSApple< 2.4
Related vulnerabilities
Type confusion w V8 (Google Chrome) — zdalne uszkodzenie sterty
Apple iOS/iPadOS/macOS — out-of-bounds write przy przetwarzaniu obrazu
Apple — memory corruption (RCE) w przetwarzaniu strumieni audio
Apple: Obejście Pointer Authentication w iOS, macOS i innych platformach
Apple WebKit: out-of-bounds write umożliwiający ucieczkę z sandbox przeglądarki