The issue was addressed with improved memory handling. This issue is fixed in watchOS 10.3, tvOS 17.3, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, iOS 16.7.5 and iPadOS 16.7.5, Safari 17.3. Processing web content may lead to arbitrary code execution.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

No CVSS v3.0

No CVSS v2

Vendors Products
Apple
  • Iphone Os
  • Watchos
  • Tvos
  • Ipados
  • Safari
  • Macos

Configuration 1 [-]

OR cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*
cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*
References
Link Resource
http://seclists.org/fulldisclosure/2024/Jan/27 Third Party Advisory
http://seclists.org/fulldisclosure/2024/Jan/33 Third Party Advisory
http://seclists.org/fulldisclosure/2024/Jan/34 Third Party Advisory
http://seclists.org/fulldisclosure/2024/Jan/36 Third Party Advisory
http://seclists.org/fulldisclosure/2024/Jan/39 Third Party Advisory
http://seclists.org/fulldisclosure/2024/Jan/40 Third Party Advisory
http://www.openwall.com/lists/oss-security/2024/02/05/8
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/US43EQFC2IS66EA2CPAZFH2RQ6WD7PKF/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X2VJMEDT4GL42AQVHSYOT6DIVJDZWIV4/
https://support.apple.com/en-us/HT214055 Release Notes Vendor Advisory
https://support.apple.com/en-us/HT214056 Release Notes Vendor Advisory
https://support.apple.com/en-us/HT214059 Release Notes Vendor Advisory
https://support.apple.com/en-us/HT214060 Release Notes Vendor Advisory
https://support.apple.com/en-us/HT214061 Release Notes Vendor Advisory
https://support.apple.com/en-us/HT214063 Release Notes Vendor Advisory
https://support.apple.com/kb/HT214055
https://support.apple.com/kb/HT214056
https://support.apple.com/kb/HT214059
https://support.apple.com/kb/HT214060
https://support.apple.com/kb/HT214061
https://support.apple.com/kb/HT214063
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: apple

Published: 2024-01-23T00:25:24.505Z

Updated: 2024-01-23T00:25:24.505Z

Reserved: 2024-01-12T22:22:21.477Z

Link: CVE-2024-23213

JSON object: View

cve-icon NVD Information

Status : Modified

Published: 2024-01-23T01:15:11.183

Modified: 2024-06-12T10:15:29.957

Link: CVE-2024-23213

JSON object: View

cve-icon Redhat Information

No data.

CWE