CVE-2024-54565: Race Condition
Published Dec 11, 2024
·Updated
Accounts. A logic issue was addressed with improved file handling.
Other sources
APFS. This issue was addressed through improved state management.
— Apple
Apple Account. The issue was addressed with improved handling of protocols.
— Apple
Apple Software Restore. The issue was addressed with improved checks.
— Apple
AppleGraphicsControl. The issue was addressed with improved memory handling.
— Apple
AppleMobileFileIntegrity. The issue was addressed with improved checks.
— Apple
Credit
Mickey Jin@@patch1t(Kandji), Csaba Fitzl@@theevilbit(Kandji), D4m0n, Mickey Jin@@patch1t, Arsenii Kostromin (0x3c3e), CertiK SkyFall Team, Hossein Lotfi@@hosselot(Trend Micro Zero Day Initiative), Dillon Franke(Google Project Zero), Smi1e@@Smi1eSEC, an anonymous researcher, Michael Cohen, D’Angelo Gonzalez(CrowdStrike), Rodolphe BRUNETTI@@eisw0lf(Lupus Nova), Kirin@@Pwnrin, 7feilee, Gary Kwong, Anonymous(Trend Micro Zero Day Initiative), Junsung Lee(Trend Micro Zero Day Initiative), Ye Zhang@@VAR10CK(Baidu Security), Joseph Ravichandran@@0xjprx(MIT CSAIL), sohybbyk, Hyerean Jang, Taehun Kim, Youngjoo Shin, CVE-2024-45490, 风沐云烟@@binary_fmyy, Meng Zhang (鲸落)(NorthSea), Andrew James Gonzalez, Dragon Fruit Security (Davis Dai, ORAC 落云, Frank Du cooperative discovery), Claudio Bozzato(Cisco Talos), Francesco Benvenuto(Cisco Talos), 神罚@@Pwnrin, Bohdan Stasiuk@@Bohdan_Stasiuk, Abhay Kailasia@@abhay_kailasia(C), Rakeshkumar Talaviya, Tomomasa Hiraiwa, Talal Haj Bakry(Mysk Inc), Tommy Mysk@@mysk_co(Mysk Inc), CVE-2016-1246, CVE-2023-31484, CVE-2023-31486, CVE-2023-47100, Jacob Braun, Rei@@reizydev, Kenneth Chew, Zhongquan Li@@Guluisacat, Michael DePlante@@izobashi(Trend Micro's Zero Day Initiative), Yokesh Muthu K, Csaba Fitzl@@theevilbit(OffSec), Mickey Jin@@patch1t(Microsoft), Jonathan Bar Or@@yo_yo_yo_jbo(Microsoft), Amy@@asentientbot, Rodolphe BRUNETTI@@eisw0lf, CVE-2024-45306, Seunghyun Lee, Brendon Tiszka(Google Project Zero), linjy(HKUS3Lab), chluo(WHUSecLab), Xiangwei Zhang(Tencent Security YUNDING LAB), Tashita Software Security, Lukas Bernhard, Halle Winkler, Politepix theoffcuts.org, Trent Lloyd@@lathiat, Wojciech Regula(SecuRing), Benjamin Hornbeck(ZUSO ART), Skadz@@skadz108(ZUSO ART), Chi Yuan Chang(ZUSO ART), taikosoup
Affected Software
3 affected componentsFixes available
apple macOS Sequoia<15.2
Apple macOS<15.2
apple macOS Sequoia<15.2
15.2
Event History
Dec 11, 2024
Data Sourced
via Apple·12:00 AM
DescriptionWeaknessAffected Software
Updated
via Apple·12:00 AM
DescriptionWeakness
Updated
via Apple·12:00 AM
Description
Mar 17, 2025
CVE Published
via MITRE·07:38 PM
Data Sourced
via MITRE·07:38 PM
DescriptionWeakness
Peer vulnerabilities
Found alongside the following vulnerabilities.
- CVE-2024-54488
- CVE-2024-54541
- CVE-2024-40864
- CVE-2024-54477
- CVE-2024-44220
- CVE-2024-54526
- CVE-2024-54527
- CVE-2024-54490
- CVE-2024-54509
- CVE-2024-54568
- CVE-2024-54529
- CVE-2024-54550
- CVE-2024-44271
- CVE-2024-54513
- CVE-2024-44300
- CVE-2024-54466
- CVE-2024-54489
- CVE-2024-54547
- CVE-2024-54519
- CVE-2024-54486
- CVE-2024-44291
- CVE-2024-54478
- CVE-2024-54499
- CVE-2024-54500
- CVE-2024-54517
- CVE-2024-54518
- CVE-2024-54522
- CVE-2024-54523
- CVE-2024-54506
- CVE-2024-54468
- CVE-2024-54507
- CVE-2024-54494
- CVE-2024-54510
- CVE-2024-44245
- CVE-2024-54531
- CVE-2024-54465
- CVE-2024-45490
- CVE-2024-54514
- CVE-2024-44225
- CVE-2024-54491
- CVE-2024-54484
- CVE-2024-54525
- CVE-2024-54536
- CVE-2024-54504
- CVE-2024-54474
- CVE-2024-54476
- CVE-2024-54530
- CVE-2024-54492
- CVE-2016-1246
- CVE-2023-31484
- CVE-2023-31486
- CVE-2023-47100
- CVE-2023-32395
- CVE-2024-54497
- CVE-2024-54537
- CVE-2024-44246
- CVE-2024-54542
- CVE-2024-54559
- CVE-2024-54501
- CVE-2024-54557
- CVE-2024-54516
- CVE-2024-54515
- CVE-2024-54528
- CVE-2024-54524
- CVE-2024-54498
- CVE-2024-54493
- CVE-2024-54533
- CVE-2024-44243
- CVE-2024-44224
- CVE-2024-54495
- CVE-2024-54549
- CVE-2024-54475
- CVE-2024-54520
- CVE-2024-45306
- CVE-2024-54485
- CVE-2024-54479
- CVE-2024-54502
- CVE-2024-54508
- CVE-2024-54505
- CVE-2024-54534
- CVE-2024-54543
- CVE-2024-54539
- CVE-2024-54565
Frequently Asked Questions
1
What is the severity of CVE-2024-54565?
CVE-2024-54565 has been classified as a moderate severity vulnerability.
2
How do I fix CVE-2024-54565?
To fix CVE-2024-54565, update your system to macOS Sequoia version 15.2 or later.
3
What kind of data could be accessed due to CVE-2024-54565?
CVE-2024-54565 potentially allows unauthorized access to sensitive user data.
4
Which versions of macOS Sequoia are affected by CVE-2024-54565?
CVE-2024-54565 affects macOS Sequoia versions prior to 15.2.
5
Is there a workaround for CVE-2024-54565?
There are no official workarounds for CVE-2024-54565; the recommended action is to update to the fixed version.