The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An attacker in a privileged position may be able to perform a denial-of-service.
The problem involves uncontrolled memory resource consumption (CWE-400) as a result of improper memory management in macOS system components. An attacker in a privileged network position can trigger conditions leading to system resource exhaustion. Apple resolved the issue by improving memory handling mechanisms.
An attacker in a privileged position can cause denial-of-service, leading to destabilization or unavailability of the macOS system.
The system should be updated to macOS Sequoia 15.4, macOS Sonoma 14.7.5, or macOS Ventura 13.7.5. Detailed information is available in Apple security bulletins at the addresses indicated in the references.
Apple macOS Sequoia before version 15.4, macOS Sonoma before version 14.7.5, macOS Ventura before version 13.7.5.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HApple macOS
OSApple13.0 – 13.7.5 (bez)14.0 – 14.7.5 (bez)15.0 – 15.4 (bez)
Related vulnerabilities
Type confusion w V8 (Google Chrome) — zdalne uszkodzenie sterty
Apple iOS/iPadOS/macOS — out-of-bounds write przy przetwarzaniu obrazu
Apple: Obejście Pointer Authentication w iOS, macOS i innych platformach
Apple — memory corruption (RCE) w przetwarzaniu strumieni audio
Apple WebKit: out-of-bounds write umożliwiający ucieczkę z sandbox przeglądarki