ZDI-25-165: Apple macOS ImageIO JPG File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

Read Time:16 Second

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. Interaction with the ImageIO framework is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The ZDI has assigned a CVSS rating of 3.3. The following CVEs are assigned: CVE-2024-54499.

USN-7460-1: Linux kernel (Azure FIPS) vulnerabilities

Jann Horn discovered that the watch_queue event notification subsystem in the Linux kernel contained an out-of-bounds write vulnerability. A local...

April 24, 2025

USN-7459-1: Linux kernel (Intel IoTG) vulnerabilities

Jann Horn discovered that the watch_queue event notification subsystem in the Linux kernel contained an out-of-bounds write vulnerability. A local...

April 24, 2025

USN-7458-1: Linux kernel (IBM) vulnerabilities

Attila Szász discovered that the HFS+ file system implementation in the Linux Kernel contained a heap overflow vulnerability. An attacker...

April 24, 2025

USN-7457-1: OpenSSH vulnerability

It was discovered that OpenSSH incorrectly handled the DisableForwarding directive. The directive would fail to disable X11 and agent forwarding,...

April 24, 2025

rust-hickory-proto-0.24.4-1.fc42

FEDORA-2025-99f0d93d68 Packages in this update: rust-hickory-proto-0.24.4-1.fc42 Update description: Update to version 0.24.4. Also contains fixes for RUSTSEC-2025-0006. Read More

April 24, 2025

rust-hickory-proto-0.24.4-1.fc40

FEDORA-2025-5e5b0cc812 Packages in this update: rust-hickory-proto-0.24.4-1.fc40 Update description: Update to version 0.24.4. Also contains fixes for RUSTSEC-2025-0006. Read More

April 24, 2025

Verizon DBIR: Small Businesses Bearing the Brunt of Ransomware Attacks

Ransomware Attacks Fall Sharply in March

ETSI Unveils New Baseline Requirements for Securing AI

Ofcom Lays Down the Law with Child Safety Rules for Tech Giants

Smashing Security podcast #414: Zoom.. just one click and your data goes boom!

DOGE Worker’s Code Supports NLRB Whistleblower

Regulating AI Behavior with a Hypervisor

Verizon’s DBIR Reveals 34% Jump in Vulnerability Exploitation

FBI Reveals “Staggering” $16.6bn Lost to Cybercrime in 2024

ZDI-25-165: Apple macOS ImageIO JPG File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

USN-7460-1: Linux kernel (Azure FIPS) vulnerabilities

USN-7459-1: Linux kernel (Intel IoTG) vulnerabilities

USN-7458-1: Linux kernel (IBM) vulnerabilities

USN-7457-1: OpenSSH vulnerability

rust-hickory-proto-0.24.4-1.fc42

rust-hickory-proto-0.24.4-1.fc40