First published: Mon Mar 27 2023(Updated: )
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Ventura 13.3, iOS 15.7.4 and iPadOS 15.7.4, macOS Monterey 12.6.4, macOS Big Sur 11.7.5. Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution.
Credit: Mickey Jin @patch1t Mickey Jin @patch1t Mickey Jin @patch1t Mickey Jin @patch1t product-security@apple.com product-security@apple.com
Affected Software | Affected Version | How to fix |
---|---|---|
Apple iOS | <15.7.4 | 15.7.4 |
Apple iPadOS | <15.7.4 | 15.7.4 |
Apple Ipad Os | <15.7.4 | |
Apple iPhone OS | <15.7.4 | |
Apple macOS | >=11.0<11.7.5 | |
Apple macOS | >=12.0<12.6.4 | |
Apple macOS | >=13.0<13.3 | |
Apple macOS Ventura | <13.3 | 13.3 |
Apple macOS Big Sur | <11.7.5 | 11.7.5 |
Apple macOS Monterey | <12.6.4 | 12.6.4 |
Apple iPadOS | <15.7.4 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Found alongside the following vulnerabilities)
CVE-2023-27946 is a vulnerability that allows for an out-of-bounds read, which can result in unexpected app termination or arbitrary code execution.
CVE-2023-27946 affects various Apple devices including iOS, iPadOS, and macOS.
The severity of CVE-2023-27946 is high, with a CVSS score of 7.8.
To fix CVE-2023-27946, update your device to the latest version of macOS Ventura, iOS, iPadOS, macOS Monterey, or macOS Big Sur as mentioned in the Apple security advisories.
You can find more information about CVE-2023-27946 in the Apple security advisories: [link1], [link2], [link3].