A use-after-free issue was addressed with improved memory management. This issue is fixed in watchOS 10, iOS 17 and iPadOS 17, tvOS 17, macOS Sonoma 14, Safari 17. Processing web content may lead to arbitrary code execution.
References
Link | Resource |
---|---|
http://www.openwall.com/lists/oss-security/2024/02/05/8 | |
https://support.apple.com/en-us/HT213936 | Release Notes Vendor Advisory |
https://support.apple.com/en-us/HT213937 | Release Notes Vendor Advisory |
https://support.apple.com/en-us/HT213938 | Release Notes Vendor Advisory |
https://support.apple.com/en-us/HT213940 | Release Notes Vendor Advisory |
https://support.apple.com/en-us/HT213941 | Release Notes Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
06 Feb 2024, 02:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
18 Jan 2024, 14:30
Type | Values Removed | Values Added |
---|---|---|
References | () https://support.apple.com/en-us/HT213941 - Release Notes, Vendor Advisory | |
References | () https://support.apple.com/en-us/HT213940 - Release Notes, Vendor Advisory | |
References | () https://support.apple.com/en-us/HT213937 - Release Notes, Vendor Advisory | |
References | () https://support.apple.com/en-us/HT213938 - Release Notes, Vendor Advisory | |
References | () https://support.apple.com/en-us/HT213936 - Release Notes, Vendor Advisory | |
CPE | cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:* cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:* cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:* cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:* cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:* cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:* |
|
First Time |
Apple
Apple iphone Os Apple macos Apple ipados Apple watchos Apple safari Apple tvos |
|
CWE | CWE-416 | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 9.8 |
10 Jan 2024, 22:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-01-10 22:15
Updated : 2024-02-28 20:54
NVD link : CVE-2023-40414
Mitre link : CVE-2023-40414
CVE.ORG link : CVE-2023-40414
JSON object : View
Products Affected
apple
- macos
- watchos
- iphone_os
- ipados
- safari
- tvos
CWE
CWE-416
Use After Free