Amid growing concerns over cybersecurity threats, a critical vulnerability known as CVE-2024-44308 has been identified as actively exploited in the wild, impacting multiple versions of Apple Safari across iOS, visionOS, and macOS platforms. This vulnerability, located within WebKit’s DFG JIT compiler, allows for remote code execution (RCE), posing a significant risk to users.
The affected software and versions have been highlighted in a recent report, indicating that iOS versions 17.7.1 and 18.1, visionOS 2.12.1.1, and macOS Sequoia 15.1 are vulnerable to exploitation. However, Apple has moved swiftly to address this issue by releasing updates for iOS 17.7.2, 18.1.1, visionOS 2.1.1, and macOS Sequoia 15.1.1, effectively patching the vulnerability and safeguarding users against potential attacks.
The discovery of this vulnerability can be credited to the diligent efforts of Clément Lecigne and Benoît Sevens from Google’s Threat Analysis Group, who reported the issue, and Dohyun Lee of USELab at Korea University, who further analyzed the flaw. The vulnerability stems from a register corruption issue in JavaScriptCore, caused by improper allocation timing of the scratch2GPR register within the Speculative JIT compiling process. This flaw affects the DFGSpeculativeJIT.cpp file in WebKit and specifically impacts the handling of integer-typed arrays.
The critical error arises when the scratch2GPR register is allocated after invoking the getIntTypedArrayStoreOperand() function, potentially resulting in an inconsistent register state and opening the door to security risks. The patched code addresses this issue by correcting the order of operations, ensuring proper management of the scratch2GPR register, and maintaining the integrity of the register state even when a slow path is introduced.
A proof-of-concept (PoC) code has been shared, offering insight into triggering the vulnerability by manipulating JavaScript objects and arrays. While the PoC code remains unfinished, it sheds light on the exploit process, emphasizing the need for users to update their devices promptly to mitigate the risk posed by this vulnerability.
This incident serves as a stark reminder of the importance of timely software updates and ongoing monitoring for security vulnerabilities. Apple’s prompt response in releasing updates to address the CVE-2024-44308 vulnerability underscores the company’s commitment to safeguarding its platforms against emerging threats.
In conclusion, cybersecurity remains a pressing concern in today’s digital landscape, and it is essential for both individuals and organizations to prioritize security measures to mitigate the risks posed by vulnerabilities such as CVE-2024-44308. By staying vigilant, updating software regularly, and implementing robust security protocols, users can enhance their resilience against evolving cyber threats.