CVE-2023-42846
First published: Wed Oct 25 2023(Updated: )
mDNSResponder. This issue was addressed by removing the vulnerable code.
Credit: Talal Haj Bakry Mysk IncTommy Mysk @mysk_co Mysk IncTalal Haj Bakry Mysk IncTommy Mysk @mysk_co Mysk IncTalal Haj Bakry Mysk IncTommy Mysk @mysk_co Mysk IncTalal Haj Bakry Mysk IncTommy Mysk @mysk_co Mysk Inc product-security@apple.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Apple iPadOS | <16.7.2 | |
| Apple iPadOS | >=17.0<17.1 | |
| Apple iPhone OS | <16.7.2 | |
| Apple iPhone OS | >=17.0<17.1 | |
| Apple tvOS | <17.1 | |
| Apple watchOS | <10.1 | |
| Apple watchOS | <10.1 | 10.1 |
| Apple iOS | <16.7.2 | 16.7.2 |
| Apple iPadOS | <16.7.2 | 16.7.2 |
| Apple tvOS | <17.1 | 17.1 |
| Apple iOS | <17.1 | 17.1 |
| Apple iPadOS | <17.1 | 17.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://support.apple.com/en-us/HT213981 (Advisory)
- https://support.apple.com/en-us/HT213982 (Advisory)
- https://support.apple.com/en-us/HT213987 (Advisory)
- https://support.apple.com/en-us/HT213988 (Advisory)
- https://support.apple.com/kb/HT213982
- https://support.apple.com/kb/HT213987
- https://support.apple.com/kb/HT213988
- https://support.apple.com/kb/HT213981
- http://seclists.org/fulldisclosure/2023/Oct/23
- http://seclists.org/fulldisclosure/2023/Oct/22
- http://seclists.org/fulldisclosure/2023/Oct/19
- http://seclists.org/fulldisclosure/2023/Oct/25
Peer vulnerabilities
(Found alongside the following vulnerabilities)
- CVE-2023-42823
- CVE-2023-42953
- CVE-2023-42848
- CVE-2023-42942
- CVE-2023-42846
- CVE-2023-42873
- CVE-2023-42839
- CVE-2023-42946
- CVE-2023-40447
- CVE-2023-41976
- CVE-2023-42852
- CVE-2023-40413
- CVE-2023-42834
- CVE-2023-42849
- CVE-2023-40408
- CVE-2023-42878
- CVE-2023-41982
- CVE-2023-41997
- CVE-2023-41988
- CVE-2023-41254
- CVE-2023-42952
- CVE-2023-41072
- CVE-2023-42857
- CVE-2023-40449
- CVE-2023-42928
- CVE-2023-40416
- CVE-2023-40423
- CVE-2023-40446
- CVE-2023-42847
- CVE-2023-42845
- CVE-2023-42841
- CVE-2023-42951
- CVE-2023-42836
- CVE-2023-42855
- CVE-2023-40445
- CVE-2023-42843
- CVE-2023-42939
- CVE-2023-41983
- CVE-2023-41977
- CVE-2023-32359
Frequently Asked Questions
What is the vulnerability ID of this issue?
The vulnerability ID of this issue is CVE-2023-42846.
What is the software affected by this vulnerability?
The software affected by this vulnerability includes watchOS, iOS, iPadOS, and tvOS.
How was this vulnerability fixed?
This vulnerability was fixed by removing the vulnerable code.
What versions of the affected software are fixed?
Versions 10.1 of watchOS, 16.7.2 and 17.1 of iOS and iPadOS, and 17.1 of tvOS are fixed.
Can a device be passively tracked by its Wi-Fi MAC address?
Yes, a device may be passively tracked by its Wi-Fi MAC address.
- collector/mitre-cve
- agent/type
- agent/event
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- collector/nvd-api
- agent/software-canonical-lookup-request
- agent/references
- agent/severity
- agent/author
- agent/tags
- agent/description
- collector/apple-support
- source/Apple
- agent/software-canonical-lookup
- vendor/apple
- canonical/apple ipados
- version/apple ipados/17.0
- canonical/apple iphone os
- version/apple iphone os/17.0
- canonical/apple tvos
- canonical/apple watchos
- canonical/apple ios