The issue was addressed with improved checks. This issue is fixed in iOS 16.7.5 and iPadOS 16.7.5, watchOS 10.2, macOS Ventura 13.6.4, macOS Sonoma 14.2, macOS Monterey 12.7.3, iOS 17.2 and iPadOS 17.2. Processing a maliciously crafted image may result in disclosure of process memory.
References
Link | Resource |
---|---|
http://seclists.org/fulldisclosure/2024/Jan/34 | Third Party Advisory |
http://seclists.org/fulldisclosure/2024/Jan/37 | Third Party Advisory |
http://seclists.org/fulldisclosure/2024/Jan/38 | Third Party Advisory |
https://support.apple.com/en-us/HT214035 | Release Notes Vendor Advisory |
https://support.apple.com/en-us/HT214036 | Release Notes Vendor Advisory |
https://support.apple.com/en-us/HT214041 | Release Notes Vendor Advisory |
https://support.apple.com/en-us/HT214057 | Release Notes Vendor Advisory |
https://support.apple.com/en-us/HT214058 | Release Notes Vendor Advisory |
https://support.apple.com/en-us/HT214063 | Release Notes Vendor Advisory |
https://support.apple.com/kb/HT214035 | Release Notes Vendor Advisory |
https://support.apple.com/kb/HT214036 | Release Notes Vendor Advisory |
https://support.apple.com/kb/HT214041 | Release Notes Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
26 Jan 2024, 20:53
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:* cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:* cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:* cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:* |
|
CWE | NVD-CWE-noinfo | |
References | () http://seclists.org/fulldisclosure/2024/Jan/34 - Third Party Advisory | |
References | () https://support.apple.com/kb/HT214041 - Release Notes, Vendor Advisory | |
References | () https://support.apple.com/en-us/HT214041 - Release Notes, Vendor Advisory | |
References | () https://support.apple.com/en-us/HT214035 - Release Notes, Vendor Advisory | |
References | () https://support.apple.com/en-us/HT214036 - Release Notes, Vendor Advisory | |
References | () https://support.apple.com/en-us/HT214057 - Release Notes, Vendor Advisory | |
References | () https://support.apple.com/kb/HT214036 - Release Notes, Vendor Advisory | |
References | () https://support.apple.com/en-us/HT214063 - Release Notes, Vendor Advisory | |
References | () https://support.apple.com/en-us/HT214058 - Release Notes, Vendor Advisory | |
References | () http://seclists.org/fulldisclosure/2024/Jan/37 - Third Party Advisory | |
References | () https://support.apple.com/kb/HT214035 - Release Notes, Vendor Advisory | |
References | () http://seclists.org/fulldisclosure/2024/Jan/38 - Third Party Advisory | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.5 |
First Time |
Apple watchos
Apple Apple iphone Os Apple ipados Apple macos |
26 Jan 2024, 17:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
23 Jan 2024, 14:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
23 Jan 2024, 01:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-01-23 01:15
Updated : 2024-02-28 20:54
NVD link : CVE-2023-42888
Mitre link : CVE-2023-42888
CVE.ORG link : CVE-2023-42888
JSON object : View
Products Affected
apple
- iphone_os
- ipados
- macos
- watchos
CWE