CVE-2023-40410
https://notcve.org/view.php?id=CVE-2023-40410
An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.6, tvOS 17, macOS Monterey 12.7, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. An app may be able to disclose kernel memory. Se solucionó una lectura fuera de límites con una validación de entrada mejorada. Este problema se solucionó en macOS Ventura 13.6, tvOS 17, macOS Monterey 12.7, watchOS 10, iOS 17 y iPadOS 17, macOS Sonoma 14. • http://seclists.org/fulldisclosure/2023/Oct/10 http://seclists.org/fulldisclosure/2023/Oct/3 http://seclists.org/fulldisclosure/2023/Oct/5 http://seclists.org/fulldisclosure/2023/Oct/6 http://seclists.org/fulldisclosure/2023/Oct/9 https://support.apple.com/en-us/HT213931 https://support.apple.com/en-us/HT213932 https://support.apple.com/en-us/HT213936 https://support.apple.com/en-us/HT213937 https://support.apple.com/en-us/HT213938 https://support.apple.com/e • CWE-125: Out-of-bounds Read •
CVE-2023-40386
https://notcve.org/view.php?id=CVE-2023-40386
A privacy issue was addressed with improved handling of temporary files. This issue is fixed in macOS Sonoma 14. An app may be able to access Notes attachments. Se solucionó un problema de privacidad mejorando el manejo de archivos temporales. Este problema se solucionó en macOS Sonoma 14. • http://seclists.org/fulldisclosure/2023/Oct/3 https://support.apple.com/en-us/HT213940 •
CVE-2023-40406
https://notcve.org/view.php?id=CVE-2023-40406
The issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.7, macOS Ventura 13.6, macOS Sonoma 14. An app may be able to read arbitrary files. El problema se solucionó con controles mejorados. Este problema se solucionó en macOS Monterey 12.7, macOS Ventura 13.6, macOS Sonoma 14. • http://seclists.org/fulldisclosure/2023/Oct/3 http://seclists.org/fulldisclosure/2023/Oct/5 http://seclists.org/fulldisclosure/2023/Oct/6 https://support.apple.com/en-us/HT213931 https://support.apple.com/en-us/HT213932 https://support.apple.com/en-us/HT213940 •
CVE-2023-40391
https://notcve.org/view.php?id=CVE-2023-40391
The issue was addressed with improved memory handling. This issue is fixed in tvOS 17, iOS 17 and iPadOS 17, macOS Sonoma 14, Xcode 15. An app may be able to disclose kernel memory. El problema se solucionó mejorando el manejo de la memoria. Este problema se solucionó en tvOS 17, iOS 17 y iPadOS 17, macOS Sonoma 14, Xcode 15. • http://seclists.org/fulldisclosure/2023/Oct/10 http://seclists.org/fulldisclosure/2023/Oct/3 http://seclists.org/fulldisclosure/2023/Oct/7 http://seclists.org/fulldisclosure/2023/Oct/8 https://support.apple.com/en-us/HT213936 https://support.apple.com/en-us/HT213938 https://support.apple.com/en-us/HT213939 https://support.apple.com/en-us/HT213940 •
CVE-2023-41979
https://notcve.org/view.php?id=CVE-2023-41979
A race condition was addressed with improved locking. This issue is fixed in macOS Sonoma 14. An app may be able to modify protected parts of the file system. Se solucionó una condición de ejecución con un bloqueo mejorado. Este problema se solucionó en macOS Sonoma 14. • http://seclists.org/fulldisclosure/2023/Oct/3 https://support.apple.com/en-us/HT213940 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •