Security Vulnerability Report
中文
CVE-2024-44238 CVSS 7.8 HIGH

CVE-2024-44238

Published: 2026-01-16 18:16:06
Last Modified: 2026-04-02 19:18:26
Source: [email protected]

Description

The issue was addressed with improved bounds checks. This issue is fixed in iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1. An app may be able to corrupt coprocessor memory.

CVSS Details

CVSS Score
7.8
Severity
HIGH
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Configurations (Affected Products)

cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:* - VULNERABLE
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:* - VULNERABLE
Apple iOS < 18.1
Apple iPadOS < 18.1
Apple macOS Sequoia < 15.1

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
python
// CVE-2024-44238 PoC Concept // Note: This is a conceptual PoC for educational purposes only // The actual vulnerability involves corrupting coprocessor memory #include <stdio.h> #include <stdlib.h> #include <string.h> // Simulated vulnerable function with insufficient bounds checking void vulnerable_coprocessor_access(unsigned int address, unsigned int size) { unsigned int *coprocessor_mem = (unsigned int *)0xFFFFFFFF; // Simulated coprocessor region // Insufficient bounds check - vulnerability exists here if (address < 0x10000) { // Weak check that can be bypassed // Write to coprocessor memory without proper validation unsigned int *target = coprocessor_mem + address; memset(target, 0xFF, size); // Memory corruption } } int main(int argc, char *argv[]) { printf("CVE-2024-44238 Conceptual PoC\n"); printf("Target: Apple coprocessor memory corruption\n"); if (argc > 2) { unsigned int addr = atoi(argv[1]); unsigned int size = atoi(argv[2]); printf("Attempting memory access at 0x%x with size %d\n", addr, size); vulnerable_coprocessor_access(addr, size); } printf("Note: This is a simulated demonstration.\n"); printf("Actual exploitation requires specific Apple device and iOS/macOS environment.\n"); return 0; }

References

Raw JSON Data

JSON
{"cve": {"id": "CVE-2024-44238", "sourceIdentifier": "[email protected]", "published": "2026-01-16T18:16:06.040", "lastModified": "2026-04-02T19:18:25.937", "vulnStatus": "Modified", "cveTags": [], "descriptions": [{"lang": "en", "value": "The issue was addressed with improved bounds checks. This issue is fixed in iOS 18.1 and iPadOS 18.1, macOS Sequoia 15.1. An app may be able to corrupt coprocessor memory."}, {"lang": "es", "value": "El problema se abordó con comprobaciones de límites mejoradas. Este problema está corregido en iOS 18.1 y iPadOS 18.1. Una aplicación podría corromper la memoria del coprocesador."}], "metrics": {"cvssMetricV31": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "baseScore": 7.8, "baseSeverity": "HIGH", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH"}, "exploitabilityScore": 1.8, "impactScore": 5.9}]}, "weaknesses": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-119"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*", "versionEndExcluding": "18.1", "matchCriteriaId": "1F64554D-9F90-4871-9A0B-FB28BD52F4B3"}, {"vulnerable": true, "criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "versionEndExcluding": "18.1", "matchCriteriaId": "B9A26654-0DDB-4D4D-BB1E-C65C3339148E"}]}]}], "references": [{"url": "https://support.apple.com/en-us/121563", "source": "[email protected]", "tags": ["Vendor Advisory"]}, {"url": "https://support.apple.com/en-us/121564", "source": "[email protected]"}]}}
Disclaimer

This information is for security research and authorized penetration testing only. Unauthorized testing of other systems is illegal.