A type confusion issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An attacker may be able to cause unexpected app termination.
The bug consists of improper discrimination of data types (type confusion) when processing specific input data. An attacker can remotely, without authentication and without user interaction, send crafted data causing incorrect type interpretation by the system. This results in uncontrolled termination of the running application. Apple eliminated the vulnerability by introducing additional type checks as part of the system update.
An attacker can cause unexpected termination (crash) of an application running on a vulnerable system, leading to denial of service (DoS). According to the CVSS vector, potential violation of data confidentiality and integrity is also possible.
The system should be updated to macOS Sequoia 15.4, macOS Sonoma 14.7.5, or macOS Ventura 13.7.5, in which Apple introduced a fix. Detailed information is available at: https://support.apple.com/en-us/122373, https://support.apple.com/en-us/122374, https://support.apple.com/en-us/122375.
Apple macOS Sequoia before version 15.4, macOS Sonoma before version 14.7.5, macOS Ventura before version 13.7.5.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HApple macOS
OSApple13.0 – 13.7.5 (bez)14.0 – 14.7.5 (bez)15.0 – 15.4 (bez)
Related vulnerabilities
Type confusion w V8 (Google Chrome) — zdalne uszkodzenie sterty
Apple iOS/iPadOS/macOS — out-of-bounds write przy przetwarzaniu obrazu
Apple: Obejście Pointer Authentication w iOS, macOS i innych platformach
Apple — memory corruption (RCE) w przetwarzaniu strumieni audio
Apple WebKit: out-of-bounds write umożliwiający ucieczkę z sandbox przeglądarki