CVE-2024-27876

high

Description

A race condition was addressed with improved locking. This issue is fixed in macOS Ventura 13.7, iOS 17.7 and iPadOS 17.7, visionOS 2, iOS 18 and iPadOS 18, macOS Sonoma 14.7, macOS Sequoia 15. Unpacking a maliciously crafted archive may allow an attacker to write arbitrary files.

References

https://support.apple.com/en-us/121250

https://support.apple.com/en-us/121249

https://support.apple.com/en-us/121247

https://support.apple.com/en-us/121246

https://support.apple.com/en-us/121238

https://support.apple.com/en-us/121234

Details

Source: Mitre, NVD

Published: 2024-09-17

Updated: 2024-09-20

Risk Information

CVSS v2

Base Score: 6.8

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

Severity: Medium

CVSS v3

Base Score: 8.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N

Severity: High