Memory Disclosure Vulnerability in Apple Operating Systems
CVE-2023-40391

5.5MEDIUM

Key Information:

Vendor: Apple
Status: iOS And iPad OS; Xcode; TV OS; Mac OS
Vendor: CVE Published:; 27 September 2023

Summary

A memory handling issue has been identified in Apple's operating systems, which could allow an application to disclose sensitive kernel memory. This flaw affects users running tvOS 17, iOS 17, iPadOS 17, macOS Sonoma 14, and Xcode 15. Apple has implemented fixes to mitigate this risk, ensuring improved memory management practices in its latest updates.

Affected Version(s)

iOS and iPadOS < 17

macOS < 14

tvOS < 17

References

https://support.apple.com/en-us/HT213938

https://support.apple.com/en-us/HT213939

https://support.apple.com/en-us/HT213936

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Sep 27, 2023
Vulnerability Reserved
Aug 14, 2023