CVE-2024-44307

HIGH

macOS < 14.6 - Buffer Overflow to Kernel Code Execution

Title source: llm
STIX 2.1

Description

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.6. An app may be able to execute arbitrary code with kernel privileges.

References (1)

Core 1
Core References

Scores

CVSS v3 7.8
EPSS 0.0018
EPSS Percentile 8.0%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE
CWE-120
Status published
Products (2)
Apple/macOS < 14.6
apple/macos 14.0 - 14.6
Published Nov 20, 2024
Tracked Since Feb 18, 2026