March 5, 2024 at 04:39PM
Summary: Apple released an update on 2024-03-05 addressing a memory corruption issue (CVE-2024-23225) in the kernel, which could enable an attacker to bypass kernel memory protections. The affected products include iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation.
The meeting notes indicate that Apple has released an update addressing a memory corruption issue with improved validation. The impact of this issue is that an attacker with arbitrary kernel read and write capability may be able to bypass kernel memory protections. Apple is also aware of a report that this issue may have been exploited. The affected product is the Kernel, and the update is available for iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation.