Apple Products Memory Corruption Vulnerability via AirPlay

A memory corruption vulnerability has been identified in multiple Apple operating systems, including macOS Sequoia 15.3, visionOS 2.3, iPadOS 17.7.7, watchOS 11.3, macOS Sonoma 14.7.5, iOS 18.3, and tvOS 18.3. This vulnerability allows an application to cause an unexpected termination of the app or system. The issue arises from a type confusion problem that was addressed with improved input validation and memory management.

Impact

Exploitation of this vulnerability can lead to memory corruption, allowing for potential arbitrary code execution or causing an application to terminate unexpectedly.

Reproduction

The vulnerability can be reproduced by sending a maliciously crafted AirPlay request over the local network to a device running one of the affected operating systems. This can be done using a tool or script that automates the process of sending such requests, taking advantage of the AirPlay protocol's vulnerabilities.

Remediation

Users can update to the latest version of the operating system to address this vulnerability. Instructions for updating can be found on the Apple Support website.