CVE-2024-23296

CVSS 7.8 HIGH · EPSS 1.4% · KEV · CWE-787

In short

A weakness in the memory protections of Apple's kernel allows attackers who already have kernel-level read and write access to bypass the mechanisms that prevent unauthorized memory manipulation. This could let them take complete control of the device.

Technical detail

A memory corruption vulnerability (CWE-787) in Apple's kernel memory protection mechanisms allows an attacker with arbitrary kernel read/write capabilities to circumvent memory protections and potentially escalate privileges or further exploit the kernel. The vulnerability requires pre-existing kernel-level access and has been reported as actively exploited.

Summary generated and translated by AI from the official description.
A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 16.7.8 and iPadOS 16.7.8, iOS 17.4 and iPadOS 17.4, macOS Monterey 12.7.6, macOS Sonoma 14.4, macOS Ventura 13.6.7, tvOS 17.4, visionOS 1.1, watchOS 10.4. An attacker with arbitrary kernel read and write capability may be able to bypass kernel memory protections. Apple is aware of a report that this issue may have been exploited.
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H