PT-2023-4223 · Apple+6 · Ios+10

Hazbinhotel

Published

2023-03-27

Updated

2025-01-28

CVE-2023-28198

CVSS v2.0

9.0

High

Vector

AV:N/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions iOS versions prior to 16.4 iPadOS versions prior to 16.4 macOS Ventura versions prior to 13.3

Description A use-after-free issue was addressed with improved memory management. Processing web content may lead to arbitrary code execution. The issue is related to the WebKit module, which is responsible for displaying web pages in the macOS operating system.

Recommendations For iOS versions prior to 16.4, update to iOS 16.4 or later. For iPadOS versions prior to 16.4, update to iPadOS 16.4 or later. For macOS Ventura versions prior to 13.3, update to macOS Ventura 13.3 or later.

Exploit

Fix

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-416

Related Identifiers

ALSA-2023:6535

ALSA-2023:7055

BDU:2023-04538

CESA-2023_4202

CESA-2023_7055

CVE-2023-28198

DSA-5396-1

DSA-5396-2

OPENSUSE-SU-2023_3753-1

RHSA-2023:4201

RHSA-2023:4202

RHSA-2023:6535

RHSA-2023:7055

RHSA-2023_4201

RHSA-2023_4202

RHSA-2023_6535

RHSA-2023_7055

RHSA-2025:10364

ROSA-SA-2025-2653

ROSA-SA-2025-2654

ROSA-SA-2025-2655

SUSE-SU-2023:3753-1

ZDI-23-1018

Affected Products

Almalinux

Astra Linux

Centos

Debian

Apple Macos

Red Hat

Suse

Webkit

Ios

Ipados

Macos Ventura

PT-2023-4223 · Apple+6 · Ios+10

CVE-2023-28198

Weakness Enumeration

Related Identifiers

Affected Products

References · 93