Vulnerability Description
The issue was addressed with improved bounds checks. This issue is fixed in macOS Sonoma 14. An attacker may be able to cause unexpected system termination or read kernel memory.
CVSS Score
9.1
CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Apple | Macos | < 14.0 |
Related Weaknesses (CWE)
References
- http://seclists.org/fulldisclosure/2023/Oct/3Mailing ListThird Party Advisory
- https://support.apple.com/en-us/HT213940Release NotesVendor Advisory
- http://seclists.org/fulldisclosure/2023/Oct/3Mailing ListThird Party Advisory
- https://support.apple.com/en-us/HT213940Release NotesVendor Advisory
- https://support.apple.com/kb/HT213940
FAQ
What is CVE-2023-40436?
CVE-2023-40436 is a vulnerability with a CVSS score of 9.1 (CRITICAL). The issue was addressed with improved bounds checks. This issue is fixed in macOS Sonoma 14. An attacker may be able to cause unexpected system termination or read kernel memory.
How severe is CVE-2023-40436?
CVE-2023-40436 has been rated CRITICAL with a CVSS base score of 9.1/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2023-40436?
Check the references section above for vendor advisories and patch information. Affected products include: Apple Macos.