anonhaven
Ad

CVE-2024-27834

MEDIUM CVSS 3.1: 5.5 EPSS 0.01%
Updated Apr 02, 2026
Fedoraproject
Parameter Value
CVSS 5.5 (MEDIUM)
Affected Versions 14.0 — 2.44.2
Fixed In 17.5
Type CWE-277
Vendor Fedoraproject
Public PoC No

The issue was addressed with improved checks. This issue is fixed in Safari 17.5, iOS 16.7.8 and iPadOS 16.7.8, iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5, tvOS 17.5, watchOS 10.5. An attacker with arbitrary read and write capability may be able to bypass Pointer Authentication.

Attack Parameters

Attack Vector
Local
Requires local access
Attack Complexity
Low
Easy to exploit
Privileges Required
Low
Basic privileges needed
User Interaction
None
No user interaction needed

Impact Assessment

Confidentiality
None
No data leak
Integrity
High
Complete data modification
Availability
None
No disruption

CVSS Vector v3.1

Weakness Type (CWE)

CWE-277

Vulnerable Products 10

Configuration From (including) Up to (excluding)
Apple Safari
cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*
 17.5
Apple Ipados
cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
 17.5
Apple Iphone_Os
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
 17.5
Apple Macos
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
 14.0 14.5
Apple Tvos
cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*
 17.5
Apple Watchos
cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*
 10.5
Webkitgtk Webkitgtk
cpe:2.3:a:webkitgtk:webkitgtk:*:*:*:*:*:*:*:*
 2.44.2
Wpewebkit Wpe_Webkit
cpe:2.3:a:wpewebkit:wpe_webkit:*:*:*:*:*:*:*:*
 2.44.2
Fedoraproject Fedora
cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*
Fedoraproject Fedora
cpe:2.3:o:fedoraproject:fedora:40:*:*:*:*:*:*:*

References 23

https://support.apple.com/en-us/120896
product-security@apple.com
https://support.apple.com/en-us/120898
product-security@apple.com
https://support.apple.com/en-us/120901
product-security@apple.com
https://support.apple.com/en-us/120902
product-security@apple.com
https://support.apple.com/en-us/120903
product-security@apple.com
https://support.apple.com/en-us/120905
product-security@apple.com
http://seclists.org/fulldisclosure/2024/May/10
af854a3a-2127-422b-91ae-364da2661108
http://seclists.org/fulldisclosure/2024/May/12
af854a3a-2127-422b-91ae-364da2661108
http://seclists.org/fulldisclosure/2024/May/16
af854a3a-2127-422b-91ae-364da2661108
http://seclists.org/fulldisclosure/2024/May/17
af854a3a-2127-422b-91ae-364da2661108
http://seclists.org/fulldisclosure/2024/May/9
af854a3a-2127-422b-91ae-364da2661108
http://www.openwall.com/lists/oss-security/2024/05/21/1
af854a3a-2127-422b-91ae-364da2661108
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj…
af854a3a-2127-422b-91ae-364da2661108
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj…
af854a3a-2127-422b-91ae-364da2661108
https://support.apple.com/en-us/HT214101
af854a3a-2127-422b-91ae-364da2661108
https://support.apple.com/en-us/HT214102
af854a3a-2127-422b-91ae-364da2661108
https://support.apple.com/en-us/HT214103
af854a3a-2127-422b-91ae-364da2661108
https://support.apple.com/en-us/HT214104
af854a3a-2127-422b-91ae-364da2661108
https://support.apple.com/en-us/HT214106
af854a3a-2127-422b-91ae-364da2661108
https://support.apple.com/kb/HT214100
af854a3a-2127-422b-91ae-364da2661108
https://support.apple.com/kb/HT214102
af854a3a-2127-422b-91ae-364da2661108
https://support.apple.com/kb/HT214104
af854a3a-2127-422b-91ae-364da2661108
https://support.apple.com/kb/HT214106
af854a3a-2127-422b-91ae-364da2661108
Share Post Share Share Share

Related Vulnerabilities

CVE-2026-35094

Fedoraproject

5.5

CVE-2026-35093

Fedoraproject

8.8

CVE-2024-4761

Fedoraproject

8.8

CVE-2024-23284

Fedoraproject

6.5

CVE-2024-23280

Fedoraproject

6.5