Apple Ios 17 And Ipados vulnerabilities

CVE-2023-40385 [MEDIUM] CVE-2023-40385: iOS 17 and iPadOS 17 Apple Security Update: About the security content of iOS 17 and iPadOS 17 Product: iOS 17 and iPadOS Version: 17 CVE: CVE-2023-40385 Component: WebKit Impact: A remote attacker may be able to view leaked DNS queries with Private Relay turned on Description: This issue was addressed by removing the vulnerable code.

CVE-2023-32361 [MEDIUM] CVE-2023-32361: iOS 17 and iPadOS 17 Apple Security Update: About the security content of iOS 17 and iPadOS 17 Product: iOS 17 and iPadOS Version: 17 CVE: CVE-2023-32361 Component: AuthKit Impact: An app may be able to access user-sensitive data Description: The issue was addressed with improved handling of caches.

CVE-2023-40424 [MEDIUM] CVE-2023-40424: iOS 17 and iPadOS 17 Apple Security Update: About the security content of iOS 17 and iPadOS 17 Product: iOS 17 and iPadOS Version: 17 CVE: CVE-2023-40424 Component: TCC Impact: An app may be able to access user-sensitive data Description: The issue was addressed with improved checks.

CVE-2023-40441 [MEDIUM] CVE-2023-40441: iOS 17 and iPadOS 17 Apple Security Update: About the security content of iOS 17 and iPadOS 17 Product: iOS 17 and iPadOS Version: 17 CVE: CVE-2023-40441 Component: GPU Drivers Impact: Processing web content may lead to a denial-of-service Description: A resource exhaustion issue was addressed with improved input validation.

CVE-2023-40429 [MEDIUM] CVE-2023-40429: iOS 17 and iPadOS 17 Apple Security Update: About the security content of iOS 17 and iPadOS 17 Product: iOS 17 and iPadOS Version: 17 CVE: CVE-2023-40429 Component: Kernel Impact: An app may be able to access sensitive user data Description: A permissions issue was addressed with improved validation.

CVE-2023-41981 [MEDIUM] CVE-2023-41981: iOS 17 and iPadOS 17 Apple Security Update: About the security content of iOS 17 and iPadOS 17 Product: iOS 17 and iPadOS Version: 17 CVE: CVE-2023-41981 Component: Kernel Impact: An attacker that has already achieved kernel code execution may be able to bypass kernel memory mitigations Description: The issue was addressed with improved memory handling.

CVE-2023-42872 [MEDIUM] CVE-2023-42872: iOS 17 and iPadOS 17 Apple Security Update: About the security content of iOS 17 and iPadOS 17 Product: iOS 17 and iPadOS Version: 17 CVE: CVE-2023-42872 Component: AppleMobileFileIntegrity Impact: An app may be able to access sensitive user data Description: The issue was addressed with additional permissions checks.

CVE-2023-38596 [MEDIUM] CVE-2023-38596: iOS 17 and iPadOS 17 Apple Security Update: About the security content of iOS 17 and iPadOS 17 Product: iOS 17 and iPadOS Version: 17 CVE: CVE-2023-38596 Component: CFNetwork Impact: An app may fail to enforce App Transport Security Description: The issue was addressed with improved handling of protocols.

CVE-2023-40420 [MEDIUM] CVE-2023-40420: iOS 17 and iPadOS 17 Apple Security Update: About the security content of iOS 17 and iPadOS 17 Product: iOS 17 and iPadOS Version: 17 CVE: CVE-2023-40420 Component: CoreAnimation Impact: Processing web content may lead to a denial-of-service Description: The issue was addressed with improved memory handling.

CVE-2023-40422 [MEDIUM] CVE-2023-40422: iOS 17 and iPadOS 17 Apple Security Update: About the security content of iOS 17 and iPadOS 17 Product: iOS 17 and iPadOS Version: 17 CVE: CVE-2023-40422 Component: QuartzCore Impact: An app may be able to cause a denial-of-service Description: The issue was addressed with improved memory handling.

CVE-2023-42934 [MEDIUM] CVE-2023-42934: iOS 17 and iPadOS 17 Apple Security Update: About the security content of iOS 17 and iPadOS 17 Product: iOS 17 and iPadOS Version: 17 CVE: CVE-2023-42934 Component: Photos Storage Impact: An app with root privileges may be able to access private information Description: An information disclosure issue was addressed by removing the vulnerable code.

CVE-2023-41968 [MEDIUM] CVE-2023-41968: iOS 17 and iPadOS 17 Apple Security Update: About the security content of iOS 17 and iPadOS 17 Product: iOS 17 and iPadOS Version: 17 CVE: CVE-2023-41968 Component: StorageKit Impact: An app may be able to read arbitrary files Description: This issue was addressed with improved validation of symlinks.

CVE-2023-35984 [MEDIUM] CVE-2023-35984: iOS 17 and iPadOS 17 Apple Security Update: About the security content of iOS 17 and iPadOS 17 Product: iOS 17 and iPadOS Version: 17 CVE: CVE-2023-35984 Component: Bluetooth Impact: An attacker in physical proximity can cause a limited out of bounds write Description: The issue was addressed with improved checks.

CVE-2023-38614 [MEDIUM] CVE-2023-38614: iOS 17 and iPadOS 17 Apple Security Update: About the security content of iOS 17 and iPadOS 17 Product: iOS 17 and iPadOS Version: 17 CVE: CVE-2023-38614 Component: TCC Impact: An app may be able to access sensitive user data Description: A permissions issue was addressed with additional restrictions.

CVE-2023-40528 [MEDIUM] CVE-2023-40528: iOS 17 and iPadOS 17 Apple Security Update: About the security content of iOS 17 and iPadOS 17 Product: iOS 17 and iPadOS Version: 17 CVE: CVE-2023-40528 Component: Core Data Impact: An app may be able to bypass Privacy preferences Description: This issue was addressed by removing the vulnerable code.

CVE-2023-41232 [MEDIUM] CVE-2023-41232: iOS 17 and iPadOS 17 Apple Security Update: About the security content of iOS 17 and iPadOS 17 Product: iOS 17 and iPadOS Version: 17 CVE: CVE-2023-41232 Component: Biometric Authentication Impact: An app may be able to disclose kernel memory Description: An out-of-bounds read was addressed with improved bounds checking.

CVE-2023-41986 [MEDIUM] CVE-2023-41986: iOS 17 and iPadOS 17 Apple Security Update: About the security content of iOS 17 and iPadOS 17 Product: iOS 17 and iPadOS Version: 17 CVE: CVE-2023-41986 Component: Music Impact: An app may be able to modify protected parts of the file system Description: The issue was addressed with improved checks.

CVE-2023-40391 [MEDIUM] CVE-2023-40391: iOS 17 and iPadOS 17 Apple Security Update: About the security content of iOS 17 and iPadOS 17 Product: iOS 17 and iPadOS Version: 17 CVE: CVE-2023-40391 Component: GPU Drivers Impact: An app may be able to disclose kernel memory Description: The issue was addressed with improved memory handling.

CVE-2023-40410 [MEDIUM] CVE-2023-40410: iOS 17 and iPadOS 17 Apple Security Update: About the security content of iOS 17 and iPadOS 17 Product: iOS 17 and iPadOS Version: 17 CVE: CVE-2023-40410 Impact: An app may be able to disclose kernel memory Description: An out-of-bounds read was addressed with improved input validation.

CVE-2023-40399 [MEDIUM] CVE-2023-40399: iOS 17 and iPadOS 17 Apple Security Update: About the security content of iOS 17 and iPadOS 17 Product: iOS 17 and iPadOS Version: 17 CVE: CVE-2023-40399 Impact: An app may be able to disclose kernel memory Description: The issue was addressed with improved memory handling.