ZDI-24-283: Apple macOS JP2 Image Parsing Uninitialized Pointer Information Disclosure Vulnerability

Read Time:16 Second

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. Interaction with the ImageIO framework is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The ZDI has assigned a CVSS rating of 3.3. The following CVEs are assigned: CVE-2024-23257.

golang-github-aws-sdk-2-20250103-1.fc41 golang-github-aws-smithy-1.22.1-1.fc41 golang-github-ncw-swift-2-2.0.3-1.fc41 rclone-1.68.2-1.fc41

FEDORA-2025-0620fdebb6 Packages in this update: golang-github-aws-sdk-2-20250103-1.fc41 golang-github-aws-smithy-1.22.1-1.fc41 golang-github-ncw-swift-2-2.0.3-1.fc41 rclone-1.68.2-1.fc41 Update description: Fix for CVE-2024-52522 & CVE-2024-45338 Read More

January 5, 2025

Friday Squid Blogging: Anniversary Post

US Sanctions Chinese Cybersecurity Firm for Global Botnet Attacks

Atos Group Denies Space Bears’ Ransomware Attack Claims

ShredOS

Crypto Boss Extradited to Face $40bn Fraud Charges

DDoS Disrupts Japanese Mobile Giant Docomo

Web3 Attacks Result in $2.3Bn in Cryptocurrency Losses

Apple Agrees $95M Settlement Over Siri Privacy Violations

US Confirms Russian GenAI Disinformation Op Targeted Election

ZDI-24-283: Apple macOS JP2 Image Parsing Uninitialized Pointer Information Disclosure Vulnerability

golang-github-aws-sdk-2-20250103-1.fc41 golang-github-aws-smithy-1.22.1-1.fc41 golang-github-ncw-swift-2-2.0.3-1.fc41 rclone-1.68.2-1.fc41

mupdf-1.24.6-4.fc41

golang-github-aws-sdk-2-20250103-1.fc42 golang-github-rclone-gofakes3-0.0.3-1.fc42 rclone-1.68.2-1.fc42

suricata-7.0.8-1.el8

suricata-7.0.8-1.fc40

suricata-7.0.8-1.el9