CVE-2023-38592

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions WebKitGTK versions prior to the fixed version WPE WebKit versions prior to the fixed version iOS versions prior to 16.6 iPadOS versions prior to 16.6 watchOS versions prior to 9.6 tvOS versions prior to 16.6 macOS Ventura versions prior to 13.5

Description A logic issue was addressed with improved restrictions. Processing web content may lead to arbitrary code execution. This issue is caused by a buffer overflow in the web page display modules of WebKitGTK and WPE WebKit.

Recommendations For WebKitGTK, update to a version that includes the fix for this issue. For WPE WebKit, update to a version that includes the fix for this issue. For iOS, update to version 16.6 or later. For iPadOS, update to version 16.6 or later. For watchOS, update to version 9.6 or later. For tvOS, update to version 16.6 or later. For macOS Ventura, update to version 13.5 or later.

Fix

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119

Related Identifiers

ALSA-2023:6535

ALSA-2023:7055

BDU:2023-06499

CESA-2023_7055

CVE-2023-38592

DSA-5468-1

MGASA-2024-0148

OPENSUSE-SU-2023_3233-1

OPENSUSE-SU-2023_3419-1

RHSA-2023:6535

RHSA-2023:7055

RHSA-2023_6535

RHSA-2023_7055

RHSA-2025:10364

SUSE-SU-2023:3233-1

SUSE-SU-2023:3237-1

SUSE-SU-2023:3300-1

SUSE-SU-2023:3419-1

USN-6289-1

Affected Products

Almalinux

Astra Linux

Centos

Debian

Linuxmint

Apple Macos

Red Hat

Suse

Ubuntu

Wpe Webkit

Webkitgtk

Ios

Ipados

Macos Ventura

Tvos

Watchos

CVE-2023-38592

Weakness Enumeration

Related Identifiers

Affected Products

References · 127