What is the vulnerability ID for this issue?

The vulnerability ID for this issue is CVE-2023-40441.

What is the title of this vulnerability?

The title of this vulnerability is 'GPU Drivers. A resource exhaustion issue was addressed with improved input validation.'

What is the description of this vulnerability?

The description of this vulnerability is 'GPU Drivers. A resource exhaustion issue was addressed with improved input validation.'

Which software products are affected by this vulnerability?

This vulnerability affects Apple iOS versions up to, but excluding, version 17, Apple iPadOS versions up to, but excluding, version 17, and Apple macOS Sonoma versions up to, but excluding, version 14.

How was this vulnerability addressed?

This vulnerability was addressed by improving input validation in the GPU drivers.

What is the Common Weakness Enumeration (CWE) for this vulnerability?

The Common Weakness Enumeration (CWE) for this vulnerability is CWE-20.

Where can I find more information about this vulnerability?

You can find more information about this vulnerability on the following reference links: [support.apple.com/en-us/HT213940](support.apple.com/en-us/HT213940) and [support.apple.com/en-us/HT213938](support.apple.com/en-us/HT213938).

Vulnerability/
CVE-2023-40441

medium

6.5

CWE

20 400

EPSS

0.056%

18/9/2023

27/9/2023

24/4/2024

CVE-2023-40441: Input Validation

First published: Mon Sep 18 2023(Updated: )

A resource exhaustion issue was addressed with improved input validation. This issue is fixed in iOS 17 and iPadOS 17, macOS Sonoma 14. Processing web content may lead to a denial-of-service.

Credit: Ron Masas ImpervaRon Masas Imperva product-security@apple.com product-security@apple.com

Affected Software	Affected Version	How to fix
Apple iOS	<17	17
Apple iPadOS	<17	17
	<14	14
Apple iPadOS	<17.0
Apple iPhone OS	<17.0
Apple macOS	<14.0

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

(Appears in the following advisories)

Peer vulnerabilities

(Found alongside the following vulnerabilities)

CVE-2023-40384
CVE-2023-32377
CVE-2023-38615
CVE-2023-42929
CVE-2023-40448
CVE-2023-42872
CVE-2023-40432
CVE-2023-42871
CVE-2023-40399
CVE-2023-40410
CVE-2023-38612
CVE-2023-32361
CVE-2023-35984
CVE-2023-40402
CVE-2023-40426
CVE-2023-42876
CVE-2023-41065
CVE-2023-29497
CVE-2023-38596
CVE-2023-40406
CVE-2023-40420
CVE-2023-40528
CVE-2023-40438
CVE-2023-41994
CVE-2023-40407
CVE-2023-32396
CVE-2023-42933
CVE-2023-41980
CVE-2023-40411
CVE-2023-40395
CVE-2023-40391
CVE-2023-40441
CVE-2023-23495
CVE-2023-40434
CVE-2023-38586
CVE-2023-40436
CVE-2023-41995
CVE-2023-42870
CVE-2023-41981
CVE-2023-41984
CVE-2023-40429
CVE-2023-41060
CVE-2023-41067
CVE-2023-40400
CVE-2023-40454
CVE-2023-41073
CVE-2023-40403
CVE-2023-40427
CVE-2023-32421
CVE-2023-42826
CVE-2023-41986
CVE-2023-40455
CVE-2023-40386
CVE-2023-38408
CVE-2023-40401
CVE-2023-40393
CVE-2023-42934
CVE-2023-37448
CVE-2023-38607
CVE-2023-41987
CVE-2023-41063
CVE-2023-40422
CVE-2023-39233
CVE-2023-40388
CVE-2023-35990
CVE-2023-40417
CVE-2023-40452
CVE-2023-40430
CVE-2023-41996
CVE-2023-41078
CVE-2023-41070
CVE-2023-40541
CVE-2023-41079
CVE-2023-40443
CVE-2023-41968
CVE-2023-40450
CVE-2023-40424
CVE-2023-39434
CVE-2023-40414
CVE-2023-41074
CVE-2023-35074
CVE-2023-41993
CVE-2023-32359
CVE-2023-40385
CVE-2023-42833
CVE-2023-38610
CVE-2023-41066
CVE-2023-41979
CVE-2023-40529
CVE-2023-41174
CVE-2023-40409
CVE-2023-40412
CVE-2023-41071
CVE-2023-41232
CVE-2023-41069
CVE-2023-40431
CVE-2023-41974
CVE-2023-41068
CVE-2023-40456
CVE-2023-40520
CVE-2023-40419
CVE-2023-40428

Frequently Asked Questions

What is the vulnerability ID for this issue?
The vulnerability ID for this issue is CVE-2023-40441.
What is the title of this vulnerability?
The title of this vulnerability is 'GPU Drivers. A resource exhaustion issue was addressed with improved input validation.'
What is the description of this vulnerability?
The description of this vulnerability is 'GPU Drivers. A resource exhaustion issue was addressed with improved input validation.'
Which software products are affected by this vulnerability?
This vulnerability affects Apple iOS versions up to, but excluding, version 17, Apple iPadOS versions up to, but excluding, version 17, and Apple macOS Sonoma versions up to, but excluding, version 14.
How was this vulnerability addressed?
This vulnerability was addressed by improving input validation in the GPU drivers.
What is the Common Weakness Enumeration (CWE) for this vulnerability?
The Common Weakness Enumeration (CWE) for this vulnerability is CWE-20.
Where can I find more information about this vulnerability?
You can find more information about this vulnerability on the following reference links: [support.apple.com/en-us/HT213940](support.apple.com/en-us/HT213940) and [support.apple.com/en-us/HT213938](support.apple.com/en-us/HT213938).

agent/type
agent/first-publish-date
agent/severity
agent/author
agent/weakness
agent/softwarecombine
agent/event
agent/description
collector/apple-support
source/Apple
agent/software-canonical-lookup
agent/references
agent/last-modified-date
agent/software-canonical-lookup-request
collector/nvd-api
collector/nvd-index
collector/epss-latest
source/FIRST
agent/tags
agent/epss
vendor/apple
canonical/apple macos sonoma
canonical/apple ios
canonical/apple ipados
canonical/apple iphone os
canonical/apple macos