First published: Mon Mar 27 2023(Updated: )
A race condition was addressed with improved locking. This issue is fixed in macOS Ventura 13.3. An app may bypass Gatekeeper checks
Credit: product-security@apple.com product-security@apple.com Csaba Fitzl @theevilbit Offensive SecurityCsaba Fitzl @theevilbit Offensive Security
Affected Software | Affected Version | How to fix |
---|---|---|
Apple macOS | <13.3 | |
Apple macOS Ventura | <13.3 | 13.3 |
Apple macOS Sonoma | <14.6 | 14.6 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Found alongside the following vulnerabilities)
CVE-2023-27952 is a vulnerability in Safari that allows an app to bypass Gatekeeper checks due to a race condition.
The severity of CVE-2023-27952 is medium, with a severity value of 4.7.
CVE-2023-27952 was addressed by improving locking to fix the race condition in Safari.
CVE-2023-27952 affects macOS Ventura 13.3 and Apple iPadOS up to version 13.3.
To fix the CVE-2023-27952 vulnerability, update your macOS Ventura to version 13.3 or later and update your Apple iPadOS to version 13.3 or later.