PT-2023-27436 · Apple · Macos Sonoma+1
Published
2023-10-25
·
Updated
2024-05-29
·
CVE-2023-40404
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
macOS Sonoma versions prior to 14.1
Description
A use-after-free issue was addressed with improved memory management, allowing an app to potentially execute arbitrary code with kernel privileges.
Recommendations
For macOS Sonoma versions prior to 14.1, update to macOS Sonoma 14.1 to resolve the issue. As a temporary workaround, consider restricting kernel extension loading to minimize the risk of exploitation.
Exploit
Fix
Use After Free
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Apple Macos
Macos Sonoma