A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 17.4 and iPadOS 17.4. An attacker with arbitrary kernel read and write capability may be able to bypass kernel memory protections. Apple is aware of a report that this issue may have been exploited.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apple ipad os |
||
apple iphone os |
||
apple macos |
||
apple tvos |
||
apple visionos |
||
apple watchos |
Apple fixes two new iOS zero-days exploited in attacks on iPhones By Lawrence Abrams March 5, 2024 04:34 PM 0 Apple released emergency security updates to fix two iOS zero-day vulnerabilities that were exploited in attacks on iPhones. "Apple is aware of a report that this issue may have been exploited," the company said in an advisory issued on Tuesday. The two bugs were found in the iOS Kernel (CVE-2024-23225) and RTKit (CVE-2024-23296), both allowing attackers with arbitrary kernel r...
Topics Security Off-Prem On-Prem Software Offbeat Special Features Vendor Voice Vendor Voice Resources Two flaws fixed, one knee bent to the EU, and a budding cybersecurity star feature in iOS 17.4 Inside our three-month effort to attend Apple's iPhone 7 launch party
Apple's latest security patches address four vulnerabilities affecting iOS and iPadOS, including two zero-days that intel suggests attackers have already exploited. In typical Apple fashion, it's keeping most of the interesting details under wraps, but both have the potential to access data in the protected kernel. The consumer tech giant registered the vulnerability as CVE-2024-23225 and said that an attacker would already need to have kernel read and write capabilities to bypass the kernel mem...