PT-2023-8486 · Apple · Apple Macos

0X3C3E

Publicado

2023-07-24

Atualizado

2024-01-17

CVE-2023-42832

CVSS v3.1

7.0

Alta

Vetor

AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions macOS versions prior to 11.7.9 macOS versions prior to 12.6.8 macOS versions prior to 13.5

Description A race condition was addressed with improved state handling, which could allow an app to gain root privileges. The issue is caused by concurrent execution using a shared resource with incorrect synchronization, also known as a race condition. This could potentially allow an attacker to elevate their privileges to the root level.

Recommendations For macOS versions prior to 11.7.9, update to macOS Big Sur 11.7.9 to resolve the issue. For macOS versions prior to 12.6.8, update to macOS Monterey 12.6.8 to resolve the issue. For macOS versions prior to 13.5, update to macOS Ventura 13.5 to resolve the issue.

Correção

Race Condition

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-362

Identificadores relacionados

BDU:2024-00965

CVE-2023-42832

Produtos afetados

Apple Macos

PT-2023-8486 · Apple · Apple Macos

CVE-2023-42832

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 6