PT-2023-8869 · Apple+9 · Watchos+15

Eternalsakura13

+2

·

Publicado

2023-12-11

·

Atualizado

2026-05-08

·

CVE-2023-42950

CVSS v2.0

10

Alta

VetorAV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions Safari versions prior to 17.2 iOS versions prior to 17.2 iPadOS versions prior to 17.2 tvOS versions prior to 17.2 watchOS versions prior to 10.2 macOS Sonoma versions prior to 14.2
Description A use after free issue was addressed with improved memory management. Processing maliciously crafted web content may lead to arbitrary code execution. The issue is related to the use of memory after it has been freed, which can be exploited by a remote attacker to execute arbitrary code.
Recommendations For Safari versions prior to 17.2, update to Safari 17.2 or later. For iOS versions prior to 17.2, update to iOS 17.2 or later. For iPadOS versions prior to 17.2, update to iPadOS 17.2 or later. For tvOS versions prior to 17.2, update to tvOS 17.2 or later. For watchOS versions prior to 10.2, update to watchOS 10.2 or later. For macOS Sonoma versions prior to 14.2, update to macOS Sonoma 14.2 or later.

Correção

Use After Free

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-416

Identificadores relacionados

ALSA-2024:9144
BDU:2024-02479
BIT-JAVA-2023-42950
BIT-JAVA-MIN-2023-42950
BIT-JRE-2023-42950
CESA-2024_9636
CVE-2023-42950
DSA-5684-1
INFSA-2024_9144
MGASA-2024-0148
OESA-2024-2485
OESA-2024-2486
OESA-2024-2487
OESA-2024-2488
OESA-2024-2489
RHSA-2024:9144
RHSA-2024:9636
RHSA-2024_9144
RHSA-2024_9636
RHSA-2025:10364
SUSE-SU-2024:1269-1
SUSE-SU-2024:1270-1
SUSE-SU-2024:1293-1
SUSE-SU-2024:1944-1
SUSE-SU-2024:1976-1
USN-6732-1

Produtos afetados

Almalinux
Astra Linux
Centos
Debian
Java Platform
Linuxmint
Apple Macos
Red Hat
Safari
Suse
Ubuntu
Ios
Ipados
Macos Sonoma
Tvos
Watchos