CVE-2023-40420
First published: Mon Sep 18 2023(Updated: )
CoreAnimation. The issue was addressed with improved memory handling.
Credit: 이준성(Junsung Lee) Cross Republic이준성(Junsung Lee) Cross Republic이준성(Junsung Lee) Cross Republic이준성(Junsung Lee) Cross Republic이준성(Junsung Lee) Cross Republic이준성(Junsung Lee) Cross Republic이준성(Junsung Lee) Cross Republic product-security@apple.com product-security@apple.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Apple iPadOS | <16.7 | |
| Apple iPhone OS | <16.7 | |
| Apple macOS | >=12.0.0<12.7 | |
| Apple macOS | >=13.0<13.6 | |
| Apple tvOS | <17.0 | |
| Apple watchOS | <10.0 | |
| Apple macOS Monterey | <12.7 | 12.7 |
| Apple macOS Ventura | <13.6 | 13.6 |
| Apple iOS | <16.7 | 16.7 |
| Apple iPadOS | <16.7 | 16.7 |
| Apple macOS Sonoma | <14 | 14 |
| <17 | 17 | |
| <17 | 17 | |
| <17 | 17 | |
| Apple watchOS | <10 | 10 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://seclists.org/fulldisclosure/2023/Oct/10
- http://seclists.org/fulldisclosure/2023/Oct/5
- https://support.apple.com/en-us/HT213927 (Advisory)
- https://support.apple.com/en-us/HT213931 (Advisory)
- https://support.apple.com/en-us/HT213932 (Advisory)
- https://support.apple.com/en-us/HT213936 (Advisory)
- https://support.apple.com/en-us/HT213937 (Advisory)
- https://support.apple.com/en-us/HT213938 (Advisory)
- https://support.apple.com/en-us/HT213940 (Advisory)
- https://support.apple.com/kb/HT213932
- https://support.apple.com/kb/HT213931
- https://support.apple.com/kb/HT213927
- https://support.apple.com/kb/HT213940
- http://seclists.org/fulldisclosure/2023/Oct/6
- http://seclists.org/fulldisclosure/2023/Oct/8
- http://seclists.org/fulldisclosure/2023/Oct/9
- http://seclists.org/fulldisclosure/2023/Oct/3
- http://seclists.org/fulldisclosure/2023/Oct/4
Parent vulnerabilities
(Appears in the following advisories)
Peer vulnerabilities
(Found alongside the following vulnerabilities)
- CVE-2023-40412
- CVE-2023-40409
- CVE-2023-40410
- CVE-2023-38612
- CVE-2023-41232
- CVE-2023-40406
- CVE-2023-40420
- CVE-2023-41968
- CVE-2023-40395
- CVE-2023-41984
- CVE-2023-41992
- CVE-2023-41073
- CVE-2023-40454
- CVE-2023-40403
- CVE-2023-40427
- CVE-2023-40452
- CVE-2023-41071
- CVE-2023-41981
- CVE-2023-41063
- CVE-2023-41996
- CVE-2023-41991
- CVE-2023-41070
- CVE-2023-40448
- CVE-2023-40438
- CVE-2023-41068
- CVE-2023-40401
- CVE-2023-35990
- CVE-2023-41993
- CVE-2023-40384
- CVE-2023-32377
- CVE-2023-38615
- CVE-2023-40432
- CVE-2023-42871
- CVE-2023-40399
- CVE-2023-42872
- CVE-2023-42929
- CVE-2023-42925
- CVE-2023-32361
- CVE-2023-35984
- CVE-2023-40402
- CVE-2023-40426
- CVE-2023-42876
- CVE-2023-41065
- CVE-2023-29497
- CVE-2023-38596
- CVE-2023-42943
- CVE-2023-40528
- CVE-2023-41994
- CVE-2023-40407
- CVE-2023-32396
- CVE-2023-42933
- CVE-2023-41980
- CVE-2023-40411
- CVE-2023-40391
- CVE-2023-40441
- CVE-2023-42959
- CVE-2023-23495
- CVE-2023-40434
- CVE-2023-38586
- CVE-2023-40436
- CVE-2023-40396
- CVE-2023-41995
- CVE-2023-42870
- CVE-2023-40429
- CVE-2023-41060
- CVE-2023-41067
- CVE-2023-40400
- CVE-2023-42957
- CVE-2023-32421
- CVE-2023-42826
- CVE-2023-42918
- CVE-2023-41986
- CVE-2023-40455
- CVE-2023-40386
- CVE-2023-38408
- CVE-2023-40393
- CVE-2023-42949
- CVE-2023-42934
- CVE-2023-37448
- CVE-2023-38607
- CVE-2023-41987
- CVE-2023-40422
- CVE-2023-39233
- CVE-2023-40388
- CVE-2023-40417
- CVE-2023-40430
- CVE-2023-41078
- CVE-2023-40541
- CVE-2023-41079
- CVE-2023-40443
- CVE-2023-40450
- CVE-2023-42948
- CVE-2023-40424
- CVE-2023-39434
- CVE-2023-40414
- CVE-2023-41074
- CVE-2023-35074
- CVE-2023-32359
- CVE-2023-40385
- CVE-2023-42833
- CVE-2023-38610
- CVE-2023-41066
- CVE-2023-41979
- CVE-2023-41174
- CVE-2023-40418
- CVE-2023-40456
- CVE-2023-40520
- CVE-2023-40419
- CVE-2023-40529
- CVE-2023-41069
- CVE-2023-40431
- CVE-2023-41974
- CVE-2023-40428
Frequently Asked Questions
What is the vulnerability ID for this issue of improved memory handling in CoreAnimation?
The vulnerability ID for this issue of improved memory handling in CoreAnimation is CVE-2023-40420.
Which software versions are affected by CVE-2023-40420?
CVE-2023-40420 affects tvOS version up to (but exclusive) 17, iOS version up to (but exclusive) 17, iPadOS version up to (but exclusive) 17, watchOS version up to (but exclusive) 10, and macOS Sonoma version up to (but exclusive) 14.
What is the vendor and product name associated with CVE-2023-40420?
The vendor and product name associated with CVE-2023-40420 is Apple CoreAnimation.
How was the issue of improved memory handling in CoreAnimation addressed?
The issue of improved memory handling in CoreAnimation was addressed by Apple.
Where can I find more information about CVE-2023-40420?
You can find more information about CVE-2023-40420 on the Apple support website at the following links: [link1](https://support.apple.com/en-us/HT213937), [link2](https://support.apple.com/en-us/HT213940), [link3](https://support.apple.com/en-us/HT213936).
- agent/type
- agent/first-publish-date
- collector/nvd-api
- agent/software-canonical-lookup-request
- collector/nvd-index
- agent/severity
- agent/author
- collector/apple-support
- source/Apple
- agent/software-canonical-lookup
- agent/description
- agent/last-modified-date
- agent/tags
- agent/references
- agent/softwarecombine
- agent/event
- collector/mitre-cve
- source/MITRE
- vendor/apple
- canonical/apple ipados
- canonical/apple iphone os
- canonical/apple macos
- version/apple macos/12.0.0
- version/apple macos/13.0
- canonical/apple tvos
- canonical/apple watchos
- canonical/apple macos monterey
- canonical/apple macos ventura
- canonical/apple ios
- canonical/apple macos sonoma