Vulnerabilities > CVE-2023-42917 - Out-of-bounds Write vulnerability in multiple products
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
A memory corruption vulnerability was addressed with improved locking. This issue is fixed in iOS 17.1.2 and iPadOS 17.1.2, macOS Sonoma 14.1.2, Safari 17.1.2. Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been exploited against versions of iOS before iOS 16.7.1.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Related news
References
- http://seclists.org/fulldisclosure/2023/Dec/12
- http://seclists.org/fulldisclosure/2023/Dec/12
- http://seclists.org/fulldisclosure/2023/Dec/13
- http://seclists.org/fulldisclosure/2023/Dec/13
- http://seclists.org/fulldisclosure/2023/Dec/3
- http://seclists.org/fulldisclosure/2023/Dec/3
- http://seclists.org/fulldisclosure/2023/Dec/4
- http://seclists.org/fulldisclosure/2023/Dec/4
- http://seclists.org/fulldisclosure/2023/Dec/5
- http://seclists.org/fulldisclosure/2023/Dec/5
- http://seclists.org/fulldisclosure/2023/Dec/8
- http://seclists.org/fulldisclosure/2023/Dec/8
- http://seclists.org/fulldisclosure/2024/Jan/35
- http://seclists.org/fulldisclosure/2024/Jan/35
- http://www.openwall.com/lists/oss-security/2023/12/05/1
- http://www.openwall.com/lists/oss-security/2023/12/05/1
- https://lists.fedoraproject.org/archives/list/[email protected]/message/AD2KIHHCUBQC2YYH3FJWAHI5BG3QETOH/
- https://lists.fedoraproject.org/archives/list/[email protected]/message/AD2KIHHCUBQC2YYH3FJWAHI5BG3QETOH/
- https://lists.fedoraproject.org/archives/list/[email protected]/message/P5LQS6VEI7VIZNC7QGQ62EOV45R5RJIR/
- https://lists.fedoraproject.org/archives/list/[email protected]/message/P5LQS6VEI7VIZNC7QGQ62EOV45R5RJIR/
- https://security.gentoo.org/glsa/202401-04
- https://security.gentoo.org/glsa/202401-04
- https://support.apple.com/en-us/HT214031
- https://support.apple.com/en-us/HT214031
- https://support.apple.com/en-us/HT214032
- https://support.apple.com/en-us/HT214032
- https://support.apple.com/en-us/HT214033
- https://support.apple.com/en-us/HT214033
- https://support.apple.com/kb/HT214033
- https://support.apple.com/kb/HT214033
- https://support.apple.com/kb/HT214034
- https://support.apple.com/kb/HT214034
- https://support.apple.com/kb/HT214062
- https://support.apple.com/kb/HT214062
- https://www.debian.org/security/2023/dsa-5575
- https://www.debian.org/security/2023/dsa-5575