March 25, 2024 at 01:54PM
Apple has released an update for macOS Sonoma to address out-of-bounds write issues in CoreMedia and WebRTC. The issues were resolved with improved input validation to prevent arbitrary code execution when processing images. CVE-2024-1580 is the identifier for this vulnerability.
The meeting notes indicate that there are two issues addressed under the mentioned Apple ID HT214096 and both are related to an out-of-bounds write issue, which has been resolved through improved input validation. The impact of these issues is that processing an image may lead to arbitrary code execution. The affected products are CoreMedia and WebRTC, and updates are available for macOS Sonoma. The release date for these updates is set for March 25, 2024.