CVE-2024-40790: Input Validation
First published: Mon Sep 16 2024(Updated: )
APFS. The issue was addressed with improved checks.
Credit: Snoolie Keffaber @0xilis Csaba Fitzl @theevilbit KandjiDenis Tokarev @illusionofcha0s Junsung Lee dw0r ZeroPointer Lab working with Trend Micro Zero Day Initiativean anonymous researcher Antonio Zekić Andrew Lytvynov Alexander Heinrich SEEMOO DistriNet KU Leuven @vanhoefm TU Darmstadt @Sn0wfreeze Mathy Vanhoef OSS-Fuzz Google Project ZeroNed Williamson Google Project ZeroOlivier Levon CVE-2023-5841 ajajfxhj Max Thomas 냥냥 Narendra Bhati Cyber Security At Suma Soft PvtManager Cyber Security At Suma Soft PvtPune (India) Tashita Software Security Ron Masas Narendra Bhati Cyber Security at Suma Soft PvtManager Cyber Security at Suma Soft PvtHolger Fuhrmannek Pedro Tôrres @t0rr3sp3dr0 product-security@apple.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| visionOS | <2 | 2 |
| <2.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://support.apple.com/en-us/121249 (Advisory)
Peer vulnerabilities
(Found alongside the following vulnerabilities)
Frequently Asked Questions
What is the severity of CVE-2024-40790?
CVE-2024-40790 has been classified as a high severity vulnerability due to potential exploitation risks.
How do I fix CVE-2024-40790?
To fix CVE-2024-40790, update your Apple visionOS to the latest version available.
What types of issues are addressed in CVE-2024-40790?
CVE-2024-40790 addresses issues related to race conditions and file access problems among other vulnerabilities.
Which versions of Apple visionOS are affected by CVE-2024-40790?
Apple visionOS versions earlier than 2.0 are affected by CVE-2024-40790.
Is there a known exploit for CVE-2024-40790?
As of now, there is no publicly known exploit specifically targeting CVE-2024-40790.
- agent/references
- agent/type
- agent/severity
- agent/event
- agent/weakness
- agent/last-modified-date
- agent/author
- agent/source
- agent/description
- agent/first-publish-date
- agent/softwarecombine
- agent/tags
- collector/apple-support
- source/Apple
- alias/CVE-2024-40855
- alias/CVE-2024-54469
- alias/CVE-2024-40850
- alias/CVE-2024-27880
- alias/CVE-2024-44176
- alias/CVE-2024-44169
- alias/CVE-2024-44165
- alias/CVE-2024-44191
- alias/CVE-2024-44198
- alias/CVE-2024-44183
- alias/CVE-2023-5841
- alias/CVE-2024-44167
- alias/CVE-2024-40790
- alias/CVE-2024-44144
- alias/CVE-2024-54467
- alias/CVE-2024-44192
- alias/CVE-2024-40857
- alias/CVE-2024-44187
- agent/software-canonical-lookup
- alias/CVE-2024-40825
- alias/CVE-2024-27876
- collector/mitre-cve
- source/MITRE
- collector/nvd-api
- source/NVD
- vendor/apple
- canonical/visionos