GarageBand 10.4.11 for macOS Use-After-Free Vulnerability (CVE-2024-23300)

Imechapishwa: Mar 13, 2024 17:27

Advisory No: TZCERT/SA/2024/03/13-02

Source: Apple

Software Affected: macOS Ventura and macOS Sonoma

Overview

Apple has released security update to address a critical vulnerability affecting macOS Ventura and macOS Sonoma. The vulnerability could allow an attacker to execute arbitrary code on the affected system.

Description

macOS Ventura and macOS Sonoma are affected with the use-after-free vulnerability found in the GarageBand for mac. The vulnerability allows the processing of the maliciously crafted file that may result into unexpected crash or arbitrary code execution.

Impact

Successful exploitation of this vulnerability may allow the attacker to take control of affected system.

Solution

Apple has released patches for this vulnerability. Users and administrators are encouraged to apply necessary updates.

Subscribe To TZ - CERT Newsletter

A digest of Tanzania Computer Emergency Response Team coverage of cyber-security news across the globe.

Subscribe
Ripoti Tukio