CVE-2024-27876: Race Condition
First published: Mon Sep 16 2024(Updated: )
A race condition was addressed with improved locking. This issue is fixed in macOS Ventura 13.7, iOS 17.7 and iPadOS 17.7, visionOS 2, iOS 18 and iPadOS 18, macOS Sonoma 14.7, macOS Sequoia 15. Unpacking a maliciously crafted archive may allow an attacker to write arbitrary files.
Credit: product-security@apple.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Apple iPadOS | <17.7 | |
| Apple iPhone OS | <17.7 | |
| Apple macOS | >=13.0<13.7 | |
| Apple macOS | >=14.0<14.7 | |
| Apple visionOS | <2.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- agent/weakness
- agent/references
- agent/author
- agent/type
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/first-publish-date
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/severity
- agent/last-modified-date
- agent/softwarecombine
- agent/tags
- agent/event
- vendor/apple
- canonical/apple ipados
- canonical/apple iphone os
- canonical/apple macos
- version/apple macos/13.0
- version/apple macos/14.0
- canonical/apple visionos