CVE-2024-23300

Summary

A use-after-free issue was addressed with improved memory management. This issue is fixed in GarageBand 10.4.11. Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution.

Affected Software

VendorProductVersion RangeStatus
AppleGarageBand0 < 10.4.11affected

Weaknesses

  • Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References