Lucene search

K

AppleVULNRICHMENT:CVE-2023-40416

HistoryOct 25, 2023 - 6:31 p.m.

CVE-2023-40416

2023-10-2518:31:40

apple

github.com

memory handling

ios 17.1

ipados 17.1

macos monterey 12.7.1

ios 16.7.2

ipados 16.7.2

macos ventura 13.6.1

macos sonoma 14.1

image processing

process memory disclosure

AI Score

5.7

Confidence

Low

EPSS

0.002

Percentile

54.8%

SSVC

Exploitation

none

Automatable

no

Technical Impact

partial

The issue was addressed with improved memory handling. This issue is fixed in iOS 17.1 and iPadOS 17.1, macOS Monterey 12.7.1, iOS 16.7.2 and iPadOS 16.7.2, macOS Ventura 13.6.1, macOS Sonoma 14.1. Processing an image may result in disclosure of process memory.

References

seclists.org/fulldisclosure/2023/Oct/19

seclists.org/fulldisclosure/2023/Oct/21

seclists.org/fulldisclosure/2023/Oct/23

seclists.org/fulldisclosure/2023/Oct/24

seclists.org/fulldisclosure/2023/Oct/26

support.apple.com/en-us/HT213981

support.apple.com/en-us/HT213982

support.apple.com/en-us/HT213983

support.apple.com/en-us/HT213984

support.apple.com/en-us/HT213985

support.apple.com/kb/HT213981

support.apple.com/kb/HT213982

support.apple.com/kb/HT213983

support.apple.com/kb/HT213984

support.apple.com/kb/HT213985

AI Score

5.7

Confidence

Low

EPSS

0.002

Percentile

54.8%

SSVC

Exploitation

none

Automatable

no

Technical Impact

partial

Related for VULNRICHMENT:CVE-2023-40416

nvd1 prion1 cve1 cvelist1 malwarebytes1 apple5 openvas3 nessus3