Apple macOS Big Sur vulnerabilities

555 known vulnerabilities affecting apple/macos_big_sur.

Total CVEs: 555
CISA KEV: 19 (actively exploited)
Public exploits: 4
Exploited in wild: 19
Severity breakdown: CRITICAL 31, HIGH 291, MEDIUM 214, LOW 18, UNKNOWN 1

Vulnerabilities

CVE-2023-41075 | HIGH | CVSS 7.8 | v11.7.5 | 2023-03-27
macOS Big Sur 11.7.5 Apple Security Update: About the security content of macOS Big Sur 11.7.5
Product: macOS Big Sur
Version: 11.7.5
Component: LaunchServices
Impact: An app may be able to gain root privileges
Description: This issue was addressed with improved checks.
apple
CVE-2023-23514 | HIGH | CVSS 7.8 | v11.7.5 | 2023-03-27
macOS Big Sur 11.7.5 Apple Security Update: About the security content of macOS Big Sur 11.7.5
Product: macOS Big Sur
Version: 11.7.5
Component: Kernel
Impact: An app may be able to execute arbitrary code with kernel privileges
Description: A use after free issue was addressed with improved memory management.
apple
CVE-2023-27944 | HIGH | CVSS 8.6 | v11.7.5 | 2023-03-27
macOS Big Sur 11.7.5 Apple Security Update: About the security content of macOS Big Sur 11.7.5
Product: macOS Big Sur
Version: 11.7.5
Component: XPC
Impact: An app may be able to break out of its sandbox
Description: This issue was addressed with a new entitlement.
apple
CVE-2023-40398 | HIGH | CVSS 8.8 | v11.7.5 | 2023-03-27
macOS Big Sur 11.7.5 Apple Security Update: About the security content of macOS Big Sur 11.7.5
Product: macOS Big Sur
Version: 11.7.5
Component: CoreServices
Impact: A sandboxed process may be able to circumvent sandbox restrictions
Description: This issue was addressed with improved checks.
apple
CVE-2023-27937 | HIGH | CVSS 7.8 | v11.7.5 | 2023-03-27
macOS Big Sur 11.7.5 Apple Security Update: About the security content of macOS Big Sur 11.7.5
Product: macOS Big Sur
Version: 11.7.5
Component: Foundation
Impact: Parsing a maliciously crafted plist may lead to an unexpected app termination or arbitrary code execution
Description: An integer overflow was addressed with improved input validation.
apple
CVE-2023-32378 | HIGH | CVSS 7.8 | v11.7.5 | 2023-03-27
macOS Big Sur 11.7.5 Apple Security Update: About the security content of macOS Big Sur 11.7.5
Product: macOS Big Sur
Version: 11.7.5
Component: IOAcceleratorFamily
Impact: An app may be able to execute arbitrary code with kernel privileges
Description: A use-after-free issue was addressed with improved memory management.
apple
CVE-2023-0512 | HIGH | CVSS 7.8 | v11.7.5 | 2023-03-27
macOS Big Sur 11.7.5 Apple Security Update: About the security content of macOS Big Sur 11.7.5
Product: macOS Big Sur
Version: 11.7.5
Component: CVE-2023-0512
apple
CVE-2023-23540 | HIGH | CVSS 7.8 | v11.7.5 | 2023-03-27
macOS Big Sur 11.7.5 Apple Security Update: About the security content of macOS Big Sur 11.7.5
Product: macOS Big Sur
Version: 11.7.5
Impact: An app may be able to execute arbitrary code with kernel privileges
Description: The issue was addressed with improved memory handling.
apple
CVE-2023-23536 | HIGH | CVSS 7.8 | v11.7.5 | 2023-03-27
macOS Big Sur 11.7.5 Apple Security Update: About the security content of macOS Big Sur 11.7.5
Product: macOS Big Sur
Version: 11.7.5
Component: Kernel
Impact: An app may be able to execute arbitrary code with kernel privileges
Description: The issue was addressed with improved bounds checks.
apple
CVE-2023-27946 | HIGH | CVSS 7.8 | v11.7.5 | 2023-03-27
macOS Big Sur 11.7.5 Apple Security Update: About the security content of macOS Big Sur 11.7.5
Product: macOS Big Sur
Version: 11.7.5
Component: ImageIO
Impact: Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution
Description: An out-of-bounds read was addressed with improved bounds checking.
apple
CVE-2023-27955 | MEDIUM | CVSS 5.5 | v11.7.5 | 2023-03-27
macOS Big Sur 11.7.5 Apple Security Update: About the security content of macOS Big Sur 11.7.5
Product: macOS Big Sur
Version: 11.7.5
Component: ColorSync
Impact: An app may be able to read arbitrary files
Description: The issue was addressed with improved checks.
apple
CVE-2023-27962 | MEDIUM | CVSS 5.5 | v11.7.5 | 2023-03-27
macOS Big Sur 11.7.5 Apple Security Update: About the security content of macOS Big Sur 11.7.5
Product: macOS Big Sur
Version: 11.7.5
Component: PackageKit
Impact: An app may be able to modify protected parts of the file system
Description: A logic issue was addressed with improved checks.
apple
CVE-2023-23527 | MEDIUM | CVSS 5.5 | v11.7.5 | 2023-03-27
macOS Big Sur 11.7.5 Apple Security Update: About the security content of macOS Big Sur 11.7.5
Product: macOS Big Sur
Version: 11.7.5
Component: AppleMobileFileIntegrity
Impact: A user may gain access to protected parts of the file system
Description: The issue was addressed with improved checks.
apple
CVE-2023-27941 | MEDIUM | CVSS 5.5 | v11.7.5 | 2023-03-27
macOS Big Sur 11.7.5 Apple Security Update: About the security content of macOS Big Sur 11.7.5
Product: macOS Big Sur
Version: 11.7.5
Component: Kernel
Impact: An app may be able to disclose kernel memory
Description: An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation.
apple
CVE-2023-23542 | MEDIUM | CVSS 5.5 | v11.7.5 | 2023-03-27
macOS Big Sur 11.7.5 Apple Security Update: About the security content of macOS Big Sur 11.7.5
Product: macOS Big Sur
Version: 11.7.5
Component: System Settings
Impact: An app may be able to access user-sensitive data
Description: A privacy issue was addressed with improved private data redaction for log entries.
apple
CVE-2023-27951 | MEDIUM | CVSS 5.5 | v11.7.5 | 2023-03-27
macOS Big Sur 11.7.5 Apple Security Update: About the security content of macOS Big Sur 11.7.5
Product: macOS Big Sur
Version: 11.7.5
Component: Archive Utility
Impact: An archive may be able to bypass Gatekeeper
Description: The issue was addressed with improved checks.
apple
CVE-2023-28200 | MEDIUM | CVSS 5.5 | v11.7.5 | 2023-03-27
macOS Big Sur 11.7.5 Apple Security Update: About the security content of macOS Big Sur 11.7.5
Product: macOS Big Sur
Version: 11.7.5
Component: Kernel
Impact: An app may be able to disclose kernel memory
Description: A validation issue was addressed with improved input sanitization.
apple
CVE-2023-28199 | MEDIUM | CVSS 5.5 | v11.7.5 | 2023-03-27
macOS Big Sur 11.7.5 Apple Security Update: About the security content of macOS Big Sur 11.7.5
Product: macOS Big Sur
Version: 11.7.5
Component: Kernel
Impact: An app may be able to disclose kernel memory
Description: An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation.
apple
CVE-2023-28182 | MEDIUM | CVSS 6.5 | v11.7.5 | 2023-03-27
macOS Big Sur 11.7.5 Apple Security Update: About the security content of macOS Big Sur 11.7.5
Product: macOS Big Sur
Version: 11.7.5
Component: NetworkExtension
Impact: A user in a privileged network position may be able to spoof a VPN server that is configured with EAP-only authentication on a device
Description: The issue was addressed with improved authentication.
apple
CVE-2023-23537 | MEDIUM | CVSS 5.5 | v11.7.5 | 2023-03-27
macOS Big Sur 11.7.5 Apple Security Update: About the security content of macOS Big Sur 11.7.5
Product: macOS Big Sur
Version: 11.7.5
Component: Find My
Impact: An app may be able to read sensitive location information
Description: A privacy issue was addressed with improved private data redaction for log entries.
apple