CVE-2023-41983

The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.1, Safari 17.1, iOS 16.7.2 and iPadOS 16.7.2, iOS 17.1 and iPadOS 17.1. Processing web content may lead to a denial-of-service.

CVSS v3 6.5 MEDIUM

6.5^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
http://seclists.org/fulldisclosure/2023/Oct/19	Mailing List Third Party Advisory
http://seclists.org/fulldisclosure/2023/Oct/23	Mailing List Third Party Advisory
http://seclists.org/fulldisclosure/2023/Oct/24	Mailing List Third Party Advisory
http://seclists.org/fulldisclosure/2023/Oct/27	Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2023/11/15/1	Mailing List
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RPPMOWFYZODONTA3RLZOKSGNR4DELGG2/	Mailing List Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S3O7ITSBZDHLBM5OG22K6RZAHRRTGECM/	Mailing List Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZTCZGQPRDAOPP6NK4CIDJKIPMBWD5J7K/	Mailing List
https://security.gentoo.org/glsa/202401-33
https://support.apple.com/en-us/HT213981	Release Notes Vendor Advisory
https://support.apple.com/en-us/HT213982	Release Notes Vendor Advisory
https://support.apple.com/en-us/HT213984	Release Notes Vendor Advisory
https://support.apple.com/en-us/HT213986	Release Notes Vendor Advisory
https://support.apple.com/kb/HT213984	Vendor Advisory
https://www.debian.org/security/2023/dsa-5557	Third Party Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:apple:safari::::::::
	cpe:2.3:o:apple:ipados::::::::
	cpe:2.3:o:apple:ipados::::::::
	cpe:2.3:o:apple:iphone_os::::::::
	cpe:2.3:o:apple:iphone_os::::::::
	cpe:2.3:o:apple:macos::::::::

Configuration 2 (hide)

OR	cpe:2.3:o:fedoraproject:fedora:37:::::::*
	cpe:2.3:o:fedoraproject:fedora:38:::::::*
	cpe:2.3:o:fedoraproject:fedora:39:::::::*

Configuration 3 (hide)

OR	cpe:2.3:o:debian:debian_linux:11.0:::::::*
	cpe:2.3:o:debian:debian_linux:12.0:::::::*

History

31 Jan 2024, 15:15

Type	Values Removed	Values Added
References		() https://security.gentoo.org/glsa/202401-33 -

21 Jan 2024, 02:35

Type	Values Removed	Values Added
First Time		Fedoraproject fedora Debian Fedoraproject Debian debian Linux
References	~~() http://www.openwall.com/lists/oss-security/2023/11/15/1 -~~	() http://www.openwall.com/lists/oss-security/2023/11/15/1 - Mailing List
References	~~() https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RPPMOWFYZODONTA3RLZOKSGNR4DELGG2/ -~~	() https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RPPMOWFYZODONTA3RLZOKSGNR4DELGG2/ - Mailing List, Third Party Advisory
References	~~() https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S3O7ITSBZDHLBM5OG22K6RZAHRRTGECM/ -~~	() https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/S3O7ITSBZDHLBM5OG22K6RZAHRRTGECM/ - Mailing List, Third Party Advisory
References	~~() https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZTCZGQPRDAOPP6NK4CIDJKIPMBWD5J7K/ -~~	() https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZTCZGQPRDAOPP6NK4CIDJKIPMBWD5J7K/ - Mailing List
References	~~() https://support.apple.com/kb/HT213984 -~~	() https://support.apple.com/kb/HT213984 - Vendor Advisory
References	~~() https://www.debian.org/security/2023/dsa-5557 -~~	() https://www.debian.org/security/2023/dsa-5557 - Third Party Advisory
CPE		cpe:2.3:o:debian:debian_linux:11.0:::::::* cpe:2.3:o:fedoraproject:fedora:37:::::::* cpe:2.3:o:debian:debian_linux:12.0:::::::* cpe:2.3:o:fedoraproject:fedora:39:::::::* cpe:2.3:o:fedoraproject:fedora:38:::::::*

Information

Published : 2023-10-25 19:15

Updated : 2024-01-31 15:15

NVD link : CVE-2023-41983

Mitre link : CVE-2023-41983

CVE.ORG link : CVE-2023-41983

JSON object : View

Products Affected

fedoraproject

fedora

apple

ipados
iphone_os
macos
safari

debian

debian_linux

CWE

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

6.5 /10