CVE-2024-27844: Input Validation

First published: Mon May 13 2024(Updated: )

Apple Neural Engine. The issue was addressed with improved memory handling.

Credit: Narendra Bhati Suma Soft PvtShaheen Fazim product-security@apple.com an anonymous researcher Ron Masas ImpervaKirin @Pwnrin 小来来 @Smi1eSEC pattern-f @pattern_F_ Ant Security LightAmir Bazine CrowdStrike Counter Adversary OperationsKarsten König CrowdStrike Counter Adversary OperationsCertiK SkyFall Team Junsung Lee Trend Micro Zero Day Initiativean anonymous researcher MIT CSAIL MIT CSAILJoseph Ravichandran @0xjprx MIT CSAILPr BarPr Hebrew University EP Nick Wellnhofer Gil Pedersen Dohyun Lee @l33d0hyun LFY @secsys Fudan UniversityDaniel Zajork Joshua Zajork Meysam Firouzi @R00tkitsmm Trend Micro Zero Day InitiativeMichael DePlante @izobashi Trend Micro Zero Day InitiativeScott Johnson RIPEDA ConsultingMykola Grymalyuk RIPEDA ConsultingJordy Witteman Carlos Polop Pedro Tôrres @t0rr3sp3dr0 Mickey Jin @patch1t Csaba Fitzl @theevilbit KandjiLFY @secsys yulige Snoolie Keffaber @0xilis Robert Reichel CVE-2024-27806 Yann GASCUEL Alter Solutionsajajfxhj Maksymilian Motyl Immunity SystemsManfred Paul @_manfp Trend Micro's Zero Day InitiativeEmilio Cobos MozillaLukas Bernhard CISPA Helmholtz Center for Information SecurityNan Wang @eternalsakura13 360 Vulnerability Research InstituteJoe Rutkowski @Joe12387 Crawless @abrahamjuliot Jeff Johnson underpassappRyan Pickren (ryanpickren.com) Manfred Paul @_manfp Trend Micro Zero Day InitiativePan ZhenPeng @Peterpan0927 STAR Labs SG PtePwn2car Trend Micro's Zero Day Initiative Trend Micro's Zero Day InitiativeMichael DePlante @izobashi Trend Micro's Zero Day InitiativeMinghao Lin Baidu Security Baidu SecurityYe Zhang @VAR10CK Baidu SecurityMeysam Firouzi @R00tkitSMM

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

• agent/type
• agent/first-publish-date
• agent/severity
• collector/mitre-cve
• source/MITRE
• agent/trending
• agent/source
• collector/apple-support
• source/Apple
• agent/software-canonical-lookup
• agent/software-canonical-lookup-request
• agent/weakness
• agent/last-modified-date
• agent/references
• agent/description
• alias/CVE-2024-27841
• alias/CVE-2024-23236
• alias/CVE-2024-27805
• alias/CVE-2024-27817
• alias/CVE-2024-27831
• alias/CVE-2024-27832
• alias/CVE-2024-27827
• alias/CVE-2024-27801
• alias/CVE-2024-27836
• alias/CVE-2024-27799
• alias/CVE-2024-27818
• alias/CVE-2024-27815
• alias/CVE-2024-27823
• alias/CVE-2024-27811
• alias/CVE-2023-42893
• alias/CVE-2024-23251
• alias/CVE-2024-23282
• alias/CVE-2024-27810
• alias/CVE-2024-27800
• alias/CVE-2024-27802
• alias/CVE-2024-27857
• alias/CVE-2024-27822
• alias/CVE-2024-27824
• alias/CVE-2024-27885
• alias/CVE-2024-27813
• alias/CVE-2024-27816
• alias/CVE-2024-27844
• alias/CVE-2024-27843
• alias/CVE-2024-27821
• alias/CVE-2024-27855
• alias/CVE-2024-27806
• alias/CVE-2024-27798
• alias/CVE-2024-27848
• alias/CVE-2024-27847
• alias/CVE-2024-27884
• alias/CVE-2024-27842
• alias/CVE-2024-27796
• alias/CVE-2024-27856
• alias/CVE-2024-27834
• alias/CVE-2024-27838
• alias/CVE-2024-27808
• alias/CVE-2024-27850
• alias/CVE-2024-27851
• alias/CVE-2024-27830
• alias/CVE-2024-27820
• alias/CVE-2024-40771
• alias/CVE-2024-27804
• alias/CVE-2024-27837
• alias/CVE-2024-27825
• alias/CVE-2024-27829
• agent/tags
• agent/event
• agent/softwarecombine
• agent/author
• alias/CVE-2024-27833
• collector/nvd-api
• source/NVD
• alias/CVE-2024-27840
• alias/CVE-2024-27812
• alias/CVE-2024-27828
• vendor/apple
• canonical/apple macos
• canonical/apple mobile safari
• canonical/apple ios and macos
• version/apple ios and macos/14.0
• canonical/visionos