CVE-2023-42942

Name of the Vulnerable Software and Affected Versions watchOS versions prior to 10.1 macOS Sonoma versions prior to 14.1 tvOS versions prior to 17.1 iOS versions prior to 16.7.2 and prior to 17.1 iPadOS versions prior to 16.7.2 and prior to 17.1 macOS Ventura versions prior to 13.6.1

Description This issue is related to errors in handling symbolic links, which may allow a malicious app to gain root privileges. The issue was addressed with improved handling of symlinks.

Recommendations For watchOS versions prior to 10.1, update to watchOS 10.1 or later. For macOS Sonoma versions prior to 14.1, update to macOS Sonoma 14.1 or later. For tvOS versions prior to 17.1, update to tvOS 17.1 or later. For iOS versions prior to 16.7.2, update to iOS 16.7.2 or later, and for versions prior to 17.1, update to iOS 17.1 or later. For iPadOS versions prior to 16.7.2, update to iPadOS 16.7.2 or later, and for versions prior to 17.1, update to iPadOS 17.1 or later. For macOS Ventura versions prior to 13.6.1, update to macOS Ventura 13.6.1 or later.