An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Sonoma 14.2, macOS Ventura 13.6.3, macOS Monterey 12.7.2. A user may be able to cause unexpected app termination or arbitrary code execution.
References
| Link | Resource |
|---|---|
| https://support.apple.com/en-us/HT214038 | Release Notes Vendor Advisory |
| https://support.apple.com/en-us/HT214037 | Release Notes Vendor Advisory |
| https://support.apple.com/en-us/HT214036 | Release Notes Vendor Advisory |
| http://seclists.org/fulldisclosure/2023/Dec/9 | Mailing List |
| http://seclists.org/fulldisclosure/2023/Dec/10 | Mailing List Third Party Advisory |
| http://seclists.org/fulldisclosure/2023/Dec/11 | Mailing List Third Party Advisory |
Configurations
Configuration 1 (hide)
|
History
13 Dec 2023, 18:14
| Type | Values Removed | Values Added |
|---|---|---|
| CWE | CWE-125 | |
| First Time |
Apple
Apple macos |
|
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.8 |
| CPE | cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:* | |
| References | () http://seclists.org/fulldisclosure/2023/Dec/9 - Mailing List | |
| References | () http://seclists.org/fulldisclosure/2023/Dec/10 - Mailing List, Third Party Advisory | |
| References | () https://support.apple.com/en-us/HT214038 - Release Notes, Vendor Advisory | |
| References | () https://support.apple.com/en-us/HT214037 - Release Notes, Vendor Advisory | |
| References | () https://support.apple.com/en-us/HT214036 - Release Notes, Vendor Advisory | |
| References | () http://seclists.org/fulldisclosure/2023/Dec/11 - Mailing List, Third Party Advisory |
13 Dec 2023, 01:15
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
12 Dec 2023, 01:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2023-12-12 01:15
Updated : 2023-12-13 18:14
NVD link : CVE-2023-42886
Mitre link : CVE-2023-42886
JSON object : View
Products Affected
apple
- macos
CWE
CWE-125
Out-of-bounds Read