March 25, 2024 at 01:54PM
Summary:
Apple released an update on March 25, 2024, addressing CVE-2024-1580, an out-of-bounds write issue impacting CoreMedia and WebRTC on macOS Ventura. The update improves input validation to mitigate the risk of arbitrary code execution when processing images.
It appears that there are two security vulnerabilities, both tied to CVE-2024-1580. The first vulnerability impacts the CoreMedia product, while the second one affects WebRTC. The provided meeting notes suggest that an update is available for macOS Ventura to address these vulnerabilities, which are related to out-of-bounds write issues during image processing, and have the potential to lead to arbitrary code execution. The release date for the update is set for March 25, 2024.