{"id":"CVE-2024-27834","details":"The issue was addressed with improved checks. This issue is fixed in iOS 17.5 and iPadOS 17.5, tvOS 17.5, Safari 17.5, watchOS 10.5, macOS Sonoma 14.5. An attacker with arbitrary read and write capability may be able to bypass Pointer Authentication.","modified":"2026-04-16T04:32:24.653136445Z","published":"2024-05-14T15:13:06.953Z","related":["SUSE-SU-2024:1944-1","SUSE-SU-2024:1976-1","SUSE-SU-2024:2043-1","SUSE-SU-2024:2065-1","SUSE-SU-2024:3751-1","SUSE-SU-2024:3752-1","SUSE-SU-2024:3869-1","SUSE-SU-2024:3870-1","openSUSE-SU-2024:14027-1"],"references":[{"type":"WEB","url":"https://support.apple.com/kb/HT214100"},{"type":"WEB","url":"https://support.apple.com/kb/HT214102"},{"type":"WEB","url":"https://support.apple.com/kb/HT214104"},{"type":"WEB","url":"https://support.apple.com/kb/HT214106"},{"type":"ADVISORY","url":"https://support.apple.com/en-us/HT214102"},{"type":"ADVISORY","url":"https://support.apple.com/en-us/HT214103"},{"type":"ADVISORY","url":"https://support.apple.com/en-us/HT214106"},{"type":"ADVISORY","url":"https://support.apple.com/en-us/HT214101"},{"type":"ADVISORY","url":"https://support.apple.com/en-us/HT214104"},{"type":"ARTICLE","url":"http://www.openwall.com/lists/oss-security/2024/05/21/1"},{"type":"ARTICLE","url":"http://seclists.org/fulldisclosure/2024/May/12"},{"type":"ARTICLE","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ADCLQW54XN37VJZNYD3UKCYATJFIMYXG/"},{"type":"ARTICLE","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WKIXADCW3O4R2OOSDZGPU55XQFE6NA3M/"},{"type":"ARTICLE","url":"http://seclists.org/fulldisclosure/2024/May/10"},{"type":"ARTICLE","url":"http://seclists.org/fulldisclosure/2024/May/17"},{"type":"ARTICLE","url":"http://seclists.org/fulldisclosure/2024/May/9"},{"type":"ARTICLE","url":"http://seclists.org/fulldisclosure/2024/May/16"}],"affected":[{"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"fixed":"17.5"}]},{"events":[{"introduced":"0"},{"fixed":"17.5"}]},{"events":[{"introduced":"0"},{"fixed":"17.5"}]},{"events":[{"introduced":"14.0"},{"fixed":"14.5"}]},{"events":[{"introduced":"0"},{"fixed":"17.5"}]},{"events":[{"introduced":"0"},{"fixed":"10.5"}]},{"events":[{"introduced":"0"},{"fixed":"2.44.2"}]},{"events":[{"introduced":"0"},{"fixed":"2.44.2"}]},{"events":[{"introduced":"0"},{"last_affected":"39"}]},{"events":[{"introduced":"0"},{"last_affected":"40"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-27834.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"}]}