Multiple Apple tvOS Vulnerabilities

Severity

Medium

Analysis Summary

CVE-2024-40856 CVSS:5.5

Apple tvOS is vulnerable to a denial of service, caused by an integrity issue in the Wi-Fi component. By using a specially crafted application, an attacker could exploit this vulnerability to force a device to disconnect from a secure network.

CVE-2024-40850 CVSS:5.5

Apple tvOS could allow a local attacker to obtain sensitive information, caused by a file access issue in the Game Center component. By using a specially crafted application, an attacker could exploit this vulnerability to access user-sensitive data.

CVE-2024-44176 CVSS:5.5

Apple tvOS is vulnerable to a denial of service, caused by an out-of-bounds access issue in the ImageIO component. By persuading a victim to open a specially crafted file, an attacker could exploit this vulnerability to cause a denial of service.

CVE-2024-44183 CVSS:5.5

Apple tvOS is vulnerable to a denial of service, caused by a logic issue in the mDNSResponder component. By using a specially crafted application, an attacker could exploit this vulnerability to cause a denial of service.

CVE-2024-44169 CVSS:5.5

Apple tvOS is vulnerable to a denial of service, caused by an issue in the IOSurfaceAccelerator component. By using a specially crafted application, an attacker could exploit this vulnerability to cause a denial of service.

CVE-2024-44198 CVSS:5.5

Apple tvOS is vulnerable to a denial of service, caused by an integer overflow in the libxml2 component. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to cause a denial of service.

CVE-2024-27880 CVSS:5.5

Apple tvOS is vulnerable to a denial of service, caused by an out-of-bounds read issue in the ImageIO component. By persuading a victim to open a specially crafted file, an attacker could exploit this vulnerability to cause a denial of service.

Impact

  • Information Disclosure
  • Denial of Service

Indicators of Compromise

CVE

  • CVE-2024-40856
  • CVE-2024-40850
  • CVE-2024-44176
  • CVE-2024-44183
  • CVE-2024-44169
  • CVE-2024-44198
  • CVE-2024-27880

Affected Vendors

Apple

Affected Products

  • Apple tvOS - 17.2

Remediation

Refer to the Apple security documents for patch, upgrade, or suggested workaround information.

CVE-2024-40856

CVE-2024-40850

CVE-2024-44176

CVE-2024-44183

CVE-2024-44169

CVE-2024-44198

CVE-2024-27880