CVE-2023-42956

CVSS v2.0

7.8

High

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions Safari versions prior to 17.2 iOS versions prior to 17.2 iPadOS versions prior to 17.2 macOS Sonoma versions prior to 14.2 WebKitGTK (affected versions not specified) WPE WebKit (affected versions not specified)

Description The issue is related to a buffer overflow in the WebKitGTK and WPE WebKit modules for displaying web pages. This can be exploited by a remote attacker to cause a denial-of-service. The issue was addressed with improved memory handling. Processing web content may lead to a denial-of-service.

Recommendations For Safari versions prior to 17.2, update to Safari 17.2 or later. For iOS versions prior to 17.2, update to iOS 17.2 or later. For iPadOS versions prior to 17.2, update to iPadOS 17.2 or later. For macOS Sonoma versions prior to 14.2, update to macOS Sonoma 14.2 or later. For WebKitGTK, at the moment, there is no information about a newer version that contains a fix for this vulnerability. For WPE WebKit, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119

Related Identifiers

ALSA-2024:9144

BDU:2024-06922

CVE-2023-42956

DSA-5684-1

INFSA-2024_9144

MGASA-2024-0148

RHSA-2024:9144

RHSA-2024_9144

RHSA-2025:10364

SUSE-SU-2024:1269-1

SUSE-SU-2024:1270-1

SUSE-SU-2024:1293-1

SUSE-SU-2024:1944-1

SUSE-SU-2024:1976-1

USN-6732-1

Affected Products

Almalinux

Astra Linux

Debian

Linuxmint

Apple Macos

Red Hat

Safari

Suse

Ubuntu

Ios

Ipados

Macos Sonoma

CVE-2023-42956

Weakness Enumeration

Related Identifiers

Affected Products

References · 93