{"id":"CVE-2023-42917","details":"A memory corruption vulnerability was addressed with improved locking. This issue is fixed in iOS 17.1.2 and iPadOS 17.1.2, macOS Sonoma 14.1.2, Safari 17.1.2. Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been exploited against versions of iOS before iOS 16.7.1.","modified":"2026-03-13T07:40:48.848302Z","published":"2023-11-30T23:15:07.280Z","related":["ALSA-2023:7715","ALSA-2023:7716","CGA-vh2x-xg9f-9g85","MGASA-2024-0148","SUSE-SU-2023:4824-1","SUSE-SU-2023:4827-1","SUSE-SU-2023:4828-1","SUSE-SU-2023:4829-1"],"references":[{"type":"WEB","url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-42917"},{"type":"ADVISORY","url":"http://seclists.org/fulldisclosure/2023/Dec/13"},{"type":"ADVISORY","url":"https://support.apple.com/en-us/HT214031"},{"type":"ADVISORY","url":"https://support.apple.com/kb/HT214034"},{"type":"ADVISORY","url":"https://support.apple.com/kb/HT214062"},{"type":"ADVISORY","url":"http://seclists.org/fulldisclosure/2023/Dec/3"},{"type":"ADVISORY","url":"http://seclists.org/fulldisclosure/2023/Dec/8"},{"type":"ADVISORY","url":"http://seclists.org/fulldisclosure/2024/Jan/35"},{"type":"ADVISORY","url":"https://support.apple.com/en-us/HT214032"},{"type":"ADVISORY","url":"https://www.debian.org/security/2023/dsa-5575"},{"type":"ADVISORY","url":"http://seclists.org/fulldisclosure/2023/Dec/4"},{"type":"ADVISORY","url":"http://seclists.org/fulldisclosure/2023/Dec/5"},{"type":"ADVISORY","url":"http://www.openwall.com/lists/oss-security/2023/12/05/1"},{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/202401-04"},{"type":"ADVISORY","url":"https://support.apple.com/en-us/HT214033"},{"type":"ADVISORY","url":"https://support.apple.com/kb/HT214033"},{"type":"ADVISORY","url":"http://seclists.org/fulldisclosure/2023/Dec/12"},{"type":"ARTICLE","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AD2KIHHCUBQC2YYH3FJWAHI5BG3QETOH/"},{"type":"ARTICLE","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P5LQS6VEI7VIZNC7QGQ62EOV45R5RJIR/"}],"affected":[{"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"fixed":"17.1.2"}]},{"events":[{"introduced":"0"},{"fixed":"15.8.1"}]},{"events":[{"introduced":"16.0"},{"fixed":"16.7.3"}]},{"events":[{"introduced":"17.0"},{"fixed":"17.1.2"}]},{"events":[{"introduced":"0"},{"fixed":"15.8.1"}]},{"events":[{"introduced":"16.0"},{"fixed":"16.7.3"}]},{"events":[{"introduced":"17.0"},{"fixed":"17.1.2"}]},{"events":[{"introduced":"14.0"},{"fixed":"14.1.2"}]},{"events":[{"introduced":"0"},{"last_affected":"11.0"}]},{"events":[{"introduced":"0"},{"last_affected":"12.0"}]},{"events":[{"introduced":"0"},{"last_affected":"38"}]},{"events":[{"introduced":"0"},{"last_affected":"39"}]},{"events":[{"introduced":"0"},{"fixed":"2.42.3"}]}],"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-42917.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}]}