CVE-2024-54499

Summary

A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 18.2 and iPadOS 18.2, macOS Sequoia 15.2, tvOS 18.2, visionOS 2.2, watchOS 11.2. Processing a maliciously crafted image may lead to arbitrary code execution.

Affected Software

VendorProductVersion RangeStatus
AppleiOS and iPadOS0 < 18.2affected
ApplemacOS0 < 15.2affected
AppletvOS0 < 18.2affected
ApplevisionOS0 < 2.2affected
ApplewatchOS0 < 11.2affected

Weaknesses

  • Processing a maliciously crafted image may lead to arbitrary code execution

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References