CVE-2023-41993

Published: September 21, 2023Last modified: April 23, 2024

Description

The issue was addressed with improved checks. This issue is fixed in Safari 16.6.1, macOS Ventura 13.6, OS 17.0.1 and iPadOS 17.0.1, iOS 16.7 and iPadOS 16.7. Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7.

Severity score breakdown

Status

References

• http://seclists.org/fulldisclosure/2023/Oct/2
• http://seclists.org/fulldisclosure/2023/Oct/3
• http://seclists.org/fulldisclosure/2023/Oct/4
• http://seclists.org/fulldisclosure/2023/Sep/13
• http://seclists.org/fulldisclosure/2023/Sep/14
• http://seclists.org/fulldisclosure/2023/Sep/15
• http://seclists.org/fulldisclosure/2023/Sep/19
• http://www.openwall.com/lists/oss-security/2023/09/28/3
• https://lists.fedoraproject.org/archives/list/[email protected]/message/4EEMDC5TQAANFH5D77QM34ZTUKXPFGVL/
• https://lists.fedoraproject.org/archives/list/[email protected]/message/7ELXBV26Q54BIOVN5LBCJFM2G6VQZ7FO/
• https://lists.fedoraproject.org/archives/list/[email protected]/message/EYRHTFVN6FTXLZ27IPTNRSXKBAR2SOMA/
• https://security.gentoo.org/glsa/202401-33
• https://security.netapp.com/advisory/ntap-20240426-0004/
• https://support.apple.com/en-us/HT213926
• https://support.apple.com/en-us/HT213927
• https://support.apple.com/en-us/HT213930
• https://support.apple.com/en-us/HT213931
• https://support.apple.com/en-us/HT213940
• https://support.apple.com/en-us/HT213941
• https://support.apple.com/kb/HT213926
• https://support.apple.com/kb/HT213930
• https://www.debian.org/security/2023/dsa-5527

Published BELL-SAs

• BELL-SA-2024:30