First published: Mon Mar 27 2023(Updated: )
An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue is fixed in macOS Ventura 13.3. An app may be able to disclose kernel memory.
Credit: Arsenii Kostromin (0x3c3e) Arsenii Kostromin (0x3c3e) Arsenii Kostromin (0x3c3e) Arsenii Kostromin (0x3c3e) Arsenii Kostromin (0x3c3e) Arsenii Kostromin (0x3c3e) Arsenii Kostromin (0x3c3e) product-security@apple.com product-security@apple.com
Affected Software | Affected Version | How to fix |
---|---|---|
Apple macOS Ventura | <13.3 | 13.3 |
Apple macOS | >=13.0<13.3 | |
<12.6.4 | 12.6.4 | |
<11.7.5 | 11.7.5 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Found alongside the following vulnerabilities)
CVE-2023-28199 is a vulnerability in the Kernel of macOS Ventura that allows an app to disclose kernel memory.
CVE-2023-28199 has a severity rating of medium (5.5).
To fix CVE-2023-28199, you should update your macOS Ventura to version 13.3 or later.
The Common Weakness Enumeration (CWE) for CVE-2023-28199 is CWE-20 and CWE-125.
You can find more information about CVE-2023-28199 at the following link: [link](https://support.apple.com/en-us/HT213670).