First published: Mon Mar 27 2023(Updated: )
An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.3. Processing an image may result in disclosure of process memory.
Credit: jzhu Trend Micro Zero Day InitiativeMeysam Firouzi @R00tkitSMM Mbition MercedesMeysam Firouzi @R00tkitSMM Mbition MercedesMeysam Firouzi @R00tkitSMM Mbition Mercedesjzhu Trend Micro Zero Day InitiativeMeysam Firouzi @R00tkitSMM Mbition Mercedes product-security@apple.com product-security@apple.com
Affected Software | Affected Version | How to fix |
---|---|---|
<13.3 | 13.3 | |
Apple macOS | >=13.0<13.3 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Found alongside the following vulnerabilities)
CVE-2023-27939 is a vulnerability in ImageIO that allows an out-of-bounds read, which has been addressed with improved input validation.
CVE-2023-27939 affects macOS Ventura 13.3, where processing an image may result in disclosure of process memory.
CVE-2023-27939 has a severity rating of 5.5, which is considered medium.
To fix CVE-2023-27939, update your macOS Ventura to version 13.3 or later.
You can find more information about CVE-2023-27939 on the Apple support website: [link](https://support.apple.com/en-us/HT213670)