CVE-2024-44144

MEDIUM Year: 2024
CVSS v3 Score
5.5
Medium
Weakness Type
CWE-120
View all →

Vulnerability Description

A buffer overflow was addressed with improved size validation. This issue is fixed in iOS 17.7.1 and iPadOS 17.7.1, macOS Sequoia 15, macOS Sonoma 14.7.1, tvOS 18, watchOS 11, visionOS 2, iOS 18 and iPadOS 18. Processing a maliciously crafted file may lead to unexpected app termination.

Related Vulnerabilities

CVE-2008-3275

MEDIUM
CVSS:5.5(Medium)

The (1) real_lookup and (2) __lookup_hash functions in fs/namei.c in the vfs implementation in the Linux kernel before 2.6.25.15 do not prevent creation of a child dentry for a deleted (aka S_DEAD) di...

CWE-1202008

CVE-2011-3353

MEDIUM
CVSS:5.5(Medium)

Buffer overflow in the fuse_notify_inval_entry function in fs/fuse/dev.c in the Linux kernel before 3.1 allows local users to cause a denial of service (BUG_ON and system crash) by leveraging the abil...

CWE-1202011

CVE-2015-20109

MEDIUM
CVSS:5.5(Medium)

end_pattern (called from internal_fnmatch) in the GNU C Library (aka glibc or libc6) before 2.22 might allow context-dependent attackers to cause a denial of service (application crash), as demonstrat...

CWE-1202015

CVE-2015-7890

MEDIUM
CVSS:5.5(Medium)

Multiple buffer overflows in the esa_write function in /dev/seirenin the Exynos Seiren Audio driver, as used in Samsung S6 Edge, allow local users to cause a denial of service (memory corruption) via ...

CWE-1202015

CVE-2016-10066

MEDIUM
CVSS:5.5(Medium)

Buffer overflow in the ReadVIFFImage function in coders/viff.c in ImageMagick before 6.9.4-5 allows remote attackers to cause a denial of service (application crash) via a crafted file.

CWE-1202016

CVE-2019-10882

MEDIUM
CVSS:5.5(Medium)

The Netskope client service, v57 before 57.2.0.219 and v60 before 60.2.0.214, running with NT\SYSTEM privilege, accepts network connections from localhost. The connection handling function in this ser...

CWE-1202019