A memory corruption vulnerability was addressed with improved locking. This issue is fixed in iOS 17.1.2 and iPadOS 17.1.2, macOS Sonoma 14.1.2, Safari 17.1.2. Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been exploited against versions of iOS before iOS 16.7.1.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
History
26 Jun 2024, 20:01
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:* cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:* cpe:2.3:a:webkitgtk:webkitgtk\+:*:*:*:*:*:*:*:* cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:* |
|
References | () http://seclists.org/fulldisclosure/2023/Dec/12 - Mailing List, Third Party Advisory | |
References | () http://seclists.org/fulldisclosure/2023/Dec/13 - Mailing List, Third Party Advisory | |
References | () http://seclists.org/fulldisclosure/2023/Dec/3 - Mailing List, Third Party Advisory | |
References | () http://seclists.org/fulldisclosure/2023/Dec/4 - Mailing List, Third Party Advisory | |
References | () http://seclists.org/fulldisclosure/2023/Dec/5 - Mailing List, Third Party Advisory | |
References | () http://seclists.org/fulldisclosure/2023/Dec/8 - Mailing List, Third Party Advisory | |
References | () http://seclists.org/fulldisclosure/2024/Jan/35 - Mailing List, Third Party Advisory | |
References | () http://www.openwall.com/lists/oss-security/2023/12/05/1 - Mailing List, Third Party Advisory | |
References | () https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AD2KIHHCUBQC2YYH3FJWAHI5BG3QETOH/ - Mailing List, Release Notes | |
References | () https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P5LQS6VEI7VIZNC7QGQ62EOV45R5RJIR/ - Mailing List, Release Notes | |
References | () https://security.gentoo.org/glsa/202401-04 - Third Party Advisory | |
References | () https://support.apple.com/kb/HT214033 - Vendor Advisory | |
References | () https://support.apple.com/kb/HT214034 - Vendor Advisory | |
References | () https://support.apple.com/kb/HT214062 - Vendor Advisory | |
References | () https://www.debian.org/security/2023/dsa-5575 - Mailing List, Third Party Advisory | |
First Time |
Debian
Debian debian Linux Webkitgtk webkitgtk\+ Fedoraproject fedora Webkitgtk Fedoraproject |
12 Jun 2024, 10:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
10 Jun 2024, 16:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
26 Jan 2024, 17:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
05 Jan 2024, 14:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
13 Dec 2023, 03:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
13 Dec 2023, 00:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
12 Dec 2023, 02:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
09 Dec 2023, 04:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
06 Dec 2023, 16:27
Type | Values Removed | Values Added |
---|---|---|
References | () https://support.apple.com/en-us/HT214033 - Release Notes, Vendor Advisory | |
References | () https://support.apple.com/en-us/HT214031 - Release Notes, Vendor Advisory | |
References | () http://www.openwall.com/lists/oss-security/2023/12/05/1 - Third Party Advisory | |
References | () https://support.apple.com/en-us/HT214032 - Release Notes, Vendor Advisory | |
CPE | cpe:2.3:a:apple:safari:*:*:*:*:*:*:*:* cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:* cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:* cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:* |
|
CWE | CWE-787 | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 8.8 |
05 Dec 2023, 15:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
30 Nov 2023, 23:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-11-30 23:15
Updated : 2024-06-26 20:01
NVD link : CVE-2023-42917
Mitre link : CVE-2023-42917
CVE.ORG link : CVE-2023-42917
JSON object : View
Products Affected
apple
- macos
- ipados
- safari
- iphone_os
webkitgtk
- webkitgtk\+
debian
- debian_linux
fedoraproject
- fedora
CWE
CWE-787
Out-of-bounds Write