Apple CoreMedia and WebKit Vulnerability in Multiple Products Allowing Memory Corruption and App Termination

Vulnerability

A vulnerability exists in the CoreMedia framework of several Apple operating systems, including visionOS, macOS Ventura, tvOS, and iPadOS. The issue arises from improper memory handling when processing maliciously crafted video files, which can lead to unexpected app termination or corruption of process memory. A similar vulnerability in the WebKit framework can cause Safari to crash unexpectedly when it processes malicious web content. Both vulnerabilities have been addressed with improved memory management and input validation.

Impact

Exploitation of this vulnerability can lead to memory corruption, allowing for potential arbitrary code execution, according to the Apple security update documentation.

Remediation

Users can update to the latest versions of the affected operating systems to address this vulnerability. Instructions for updating can be found on the Apple Support website.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 4.2
impact: 7.5
exploitability: 4.4
remediation: 7.7
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.