Home

CVE-2024-23222

Description

A type confusion issue was addressed with improved checks. This issue is fixed in iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, tvOS 17.3. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been exploited.

Risk Information

Base Score
8.8
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.216

Associated Vulnerability

VulnerabilityOS Platform
Multiple vulnerabilities are fixed in Mac OS - Ventura 13.6.4 (Software Update) - AutoReboot (CVE-2024-23222)Mac
Multiple vulnerabilities are fixed in Mac OS - Monterey 12.7.3 (Software Update) - (AutoReboot)(CVE-2024-23222)Mac
Multiple vulnerabilities are fixed in Mac OS - Sonoma 14.7.1 (Software Update) for MacOS 14.3.1 - AutoRebootMac
Multiple vulnerabilities are fixed in Mac OS - Sonoma 14.3 (Software Update) - AutoReboot (CVE-2024-23222)Mac
Multiple vulnerabilities are fixed in Mac OS - Sonoma 14.3.1 (Software Update) - AutoRebootMac
Web content engine library for GTK+ (USN-6631-1) libwebkitgtk-6.0-4_2.42.5-0ubuntu0.22.04.2_i386.debLinux
Web content engine library for GTK+ (USN-6631-1) libwebkitgtk-6.0-4_2.42.5-0ubuntu0.22.04.2_amd64.debLinux
Web content engine library for GTK+ (USN-6631-1) libwebkitgtk-6.0-4_2.42.5-0ubuntu0.23.10.2_i386.debLinux
Web content engine library for GTK+ (USN-6631-1) libwebkitgtk-6.0-4_2.42.5-0ubuntu0.23.10.2_amd64.debLinux
Web content engine library for GTK+ (USN-6631-1) libwebkit2gtk-4.1-0_2.42.5-0ubuntu0.22.04.2_i386.debLinux
Web content engine library for GTK+ (USN-6631-1) libwebkit2gtk-4.1-0_2.42.5-0ubuntu0.22.04.2_amd64.debLinux
Web content engine library for GTK+ (USN-6631-1) libwebkit2gtk-4.1-0_2.42.5-0ubuntu0.23.10.2_i386.debLinux
Web content engine library for GTK+ (USN-6631-1) libwebkit2gtk-4.1-0_2.42.5-0ubuntu0.23.10.2_amd64.debLinux
Web content engine library for GTK+ (USN-6631-1) libwebkit2gtk-4.0-37_2.42.5-0ubuntu0.22.04.2_i386.debLinux
Web content engine library for GTK+ (USN-6631-1) libwebkit2gtk-4.0-37_2.42.5-0ubuntu0.22.04.2_amd64.debLinux
Web content engine library for GTK+ (USN-6631-1) libwebkit2gtk-4.0-37_2.42.5-0ubuntu0.23.10.2_i386.debLinux
Web content engine library for GTK+ (USN-6631-1) libwebkit2gtk-4.0-37_2.42.5-0ubuntu0.23.10.2_amd64.debLinux
Web content engine library for GTK+ (USN-6631-1) libjavascriptcoregtk-4.1-0_2.42.5-0ubuntu0.22.04.2_i386.debLinux
Web content engine library for GTK+ (USN-6631-1) libjavascriptcoregtk-4.1-0_2.42.5-0ubuntu0.22.04.2_amd64.debLinux
Web content engine library for GTK+ (USN-6631-1) libjavascriptcoregtk-4.1-0_2.42.5-0ubuntu0.23.10.2_i386.debLinux
Web content engine library for GTK+ (USN-6631-1) libjavascriptcoregtk-4.1-0_2.42.5-0ubuntu0.23.10.2_amd64.debLinux
Web content engine library for GTK+ (USN-6631-1) libjavascriptcoregtk-6.0-1_2.42.5-0ubuntu0.22.04.2_i386.debLinux
Web content engine library for GTK+ (USN-6631-1) libjavascriptcoregtk-6.0-1_2.42.5-0ubuntu0.22.04.2_amd64.debLinux
Web content engine library for GTK+ (USN-6631-1) libjavascriptcoregtk-6.0-1_2.42.5-0ubuntu0.23.10.2_i386.debLinux
Web content engine library for GTK+ (USN-6631-1) libjavascriptcoregtk-6.0-1_2.42.5-0ubuntu0.23.10.2_amd64.debLinux
Web content engine library for GTK+ (USN-6631-1) libjavascriptcoregtk-4.0-18_2.42.5-0ubuntu0.22.04.2_i386.debLinux
Web content engine library for GTK+ (USN-6631-1) libjavascriptcoregtk-4.0-18_2.42.5-0ubuntu0.22.04.2_amd64.debLinux
Web content engine library for GTK+ (USN-6631-1) libjavascriptcoregtk-4.0-18_2.42.5-0ubuntu0.23.10.2_i386.debLinux
Web content engine library for GTK+ (USN-6631-1) libjavascriptcoregtk-4.0-18_2.42.5-0ubuntu0.23.10.2_amd64.debLinux
SUSE-SU-2024:0545-1(SUSE Linux Enterprise Server 12 SP5 ) libjavascriptcoregtk-4_0-18-2.42.5-2.168.2.x86_64.rpmLinux
SUSE-SU-2024:0545-1(SUSE Linux Enterprise Server 12 SP5 ) libjavascriptcoregtk-4_0-18-debuginfo-2.42.5-2.168.2.x86_64.rpmLinux
SUSE-SU-2024:0545-1(SUSE Linux Enterprise Server 12 SP5 ) libwebkit2gtk-4_0-37-2.42.5-2.168.2.x86_64.rpmLinux
SUSE-SU-2024:0545-1(SUSE Linux Enterprise Server 12 SP5 ) libwebkit2gtk-4_0-37-debuginfo-2.42.5-2.168.2.x86_64.rpmLinux
SUSE-SU-2024:0545-1(SUSE Linux Enterprise Server 12 SP5 ) libwebkit2gtk3-lang-2.42.5-2.168.2.noarch.rpmLinux
SUSE-SU-2024:0545-1(SUSE Linux Enterprise Server 12 SP5 ) typelib-1_0-JavaScriptCore-4_0-2.42.5-2.168.2.x86_64.rpmLinux
SUSE-SU-2024:0545-1(SUSE Linux Enterprise Server 12 SP5 ) typelib-1_0-WebKit2-4_0-2.42.5-2.168.2.x86_64.rpmLinux
SUSE-SU-2024:0545-1(SUSE Linux Enterprise Server 12 SP5 ) typelib-1_0-WebKit2WebExtension-4_0-2.42.5-2.168.2.x86_64.rpmLinux
SUSE-SU-2024:0545-1(SUSE Linux Enterprise Server 12 SP5 ) webkit2gtk-4_0-injected-bundles-2.42.5-2.168.2.x86_64.rpmLinux
SUSE-SU-2024:0545-1(SUSE Linux Enterprise Server 12 SP5 ) webkit2gtk-4_0-injected-bundles-debuginfo-2.42.5-2.168.2.x86_64.rpmLinux
SUSE-SU-2024:0545-1(SUSE Linux Enterprise Server 12 SP5 ) webkit2gtk3-debugsource-2.42.5-2.168.2.x86_64.rpmLinux
SUSE-SU-2024:0548-1(Desktop Applications Module 15-SP5) webkit2gtk3-devel-2.42.5-150400.4.75.1.x86_64.rpmLinux
SUSE-SU-2024:0548-1(Basesystem Module 15-SP5) WebKitGTK-4.0-lang-2.42.5-150400.4.75.1.noarch.rpmLinux
SUSE-SU-2024:0548-1(Desktop Applications Module 15-SP5) WebKitGTK-4.1-lang-2.42.5-150400.4.75.1.noarch.rpmLinux
SUSE-SU-2024:0548-1(Development Tools Module 15-SP5) WebKitGTK-6.0-lang-2.42.5-150400.4.75.1.noarch.rpmLinux
SUSE-SU-2024:0548-1(Development Tools Module 15-SP5) libwebkitgtk-6_0-4-2.42.5-150400.4.75.1.x86_64.rpmLinux
SUSE-SU-2024:0548-1(Desktop Applications Module 15-SP5) libwebkit2gtk-4_1-0-2.42.5-150400.4.75.1.x86_64.rpmLinux
SUSE-SU-2024:0548-1(Basesystem Module 15-SP5) libwebkit2gtk-4_0-37-2.42.5-150400.4.75.1.x86_64.rpmLinux
SUSE-SU-2024:0548-1(Basesystem Module 15-SP5) typelib-1_0-WebKit2-4_0-2.42.5-150400.4.75.1.x86_64.rpmLinux
SUSE-SU-2024:0548-1(Desktop Applications Module 15-SP5) typelib-1_0-WebKit2-4_1-2.42.5-150400.4.75.1.x86_64.rpmLinux
SUSE-SU-2024:0548-1(Desktop Applications Module 15-SP5) webkit2gtk3-debugsource-2.42.5-150400.4.75.1.x86_64.rpmLinux
SUSE-SU-2024:0548-1(Basesystem Module 15-SP5) webkit2gtk3-soup2-devel-2.42.5-150400.4.75.1.x86_64.rpmLinux
SUSE-SU-2024:0548-1(Development Tools Module 15-SP5) webkit2gtk4-debugsource-2.42.5-150400.4.75.1.x86_64.rpmLinux
SUSE-SU-2024:0548-1(Desktop Applications Module 15-SP5) libjavascriptcoregtk-4_1-0-2.42.5-150400.4.75.1.x86_64.rpmLinux
SUSE-SU-2024:0548-1(Development Tools Module 15-SP5) libjavascriptcoregtk-6_0-1-2.42.5-150400.4.75.1.x86_64.rpmLinux
SUSE-SU-2024:0548-1(Basesystem Module 15-SP5) libjavascriptcoregtk-4_0-18-2.42.5-150400.4.75.1.x86_64.rpmLinux
SUSE-SU-2024:0548-1(Development Tools Module 15-SP5) libwebkitgtk-6_0-4-debuginfo-2.42.5-150400.4.75.1.x86_64.rpmLinux
SUSE-SU-2024:0548-1(Desktop Applications Module 15-SP5) libwebkit2gtk-4_1-0-debuginfo-2.42.5-150400.4.75.1.x86_64.rpmLinux
SUSE-SU-2024:0548-1(Basesystem Module 15-SP5) webkit2gtk3-soup2-debugsource-2.42.5-150400.4.75.1.x86_64.rpmLinux
SUSE-SU-2024:0548-1(Basesystem Module 15-SP5) libwebkit2gtk-4_0-37-debuginfo-2.42.5-150400.4.75.1.x86_64.rpmLinux
SUSE-SU-2024:0548-1(Basesystem Module 15-SP5) typelib-1_0-JavaScriptCore-4_0-2.42.5-150400.4.75.1.x86_64.rpmLinux
SUSE-SU-2024:0548-1(Desktop Applications Module 15-SP5) typelib-1_0-JavaScriptCore-4_1-2.42.5-150400.4.75.1.x86_64.rpmLinux
SUSE-SU-2024:0548-1(Development Tools Module 15-SP5) webkitgtk-6_0-injected-bundles-2.42.5-150400.4.75.1.x86_64.rpmLinux
SUSE-SU-2024:0548-1(Basesystem Module 15-SP5) webkit2gtk-4_0-injected-bundles-2.42.5-150400.4.75.1.x86_64.rpmLinux
SUSE-SU-2024:0548-1(Desktop Applications Module 15-SP5) webkit2gtk-4_1-injected-bundles-2.42.5-150400.4.75.1.x86_64.rpmLinux
SUSE-SU-2024:0548-1(Basesystem Module 15-SP5) typelib-1_0-WebKit2WebExtension-4_0-2.42.5-150400.4.75.1.x86_64.rpmLinux
SUSE-SU-2024:0548-1(Desktop Applications Module 15-SP5) typelib-1_0-WebKit2WebExtension-4_1-2.42.5-150400.4.75.1.x86_64.rpmLinux
SUSE-SU-2024:0548-1(Desktop Applications Module 15-SP5) libjavascriptcoregtk-4_1-0-debuginfo-2.42.5-150400.4.75.1.x86_64.rpmLinux
SUSE-SU-2024:0548-1(Development Tools Module 15-SP5) libjavascriptcoregtk-6_0-1-debuginfo-2.42.5-150400.4.75.1.x86_64.rpmLinux
SUSE-SU-2024:0548-1(Basesystem Module 15-SP5) libjavascriptcoregtk-4_0-18-debuginfo-2.42.5-150400.4.75.1.x86_64.rpmLinux
SUSE-SU-2024:0548-1(Basesystem Module 15-SP5) webkit2gtk-4_0-injected-bundles-debuginfo-2.42.5-150400.4.75.1.x86_64.rpmLinux
SUSE-SU-2024:0548-1(Desktop Applications Module 15-SP5) webkit2gtk-4_1-injected-bundles-debuginfo-2.42.5-150400.4.75.1.x86_64.rpmLinux
SUSE-SU-2024:3752-1(Basesystem Module 15-SP6) typelib-1_0-WebKit2WebExtension-4_0-2.46.0-150600.12.12.1.x86_64.rpmLinux
SUSE-SU-2024:3752-1(Desktop Applications Module 15-SP6) webkit2gtk-4_1-injected-bundles-debuginfo-2.46.0-150600.12.12.1.x86_64.rpmLinux
SUSE-SU-2024:3752-1(Desktop Applications Module 15-SP6) webkit2gtk-4_1-injected-bundles-2.46.0-150600.12.12.1.x86_64.rpmLinux
SUSE-SU-2024:3752-1(Basesystem Module 15-SP6) webkit2gtk-4_0-injected-bundles-debuginfo-2.46.0-150600.12.12.1.x86_64.rpmLinux
SUSE-SU-2024:3752-1(Basesystem Module 15-SP6) webkit2gtk-4_0-injected-bundles-2.46.0-150600.12.12.1.x86_64.rpmLinux
SUSE-SU-2024:3752-1(Development Tools Module 15-SP6) typelib-1_0-WebKitWebProcessExtension-6_0-2.46.0-150600.12.12.1.x86_64.rpmLinux
SUSE-SU-2024:3752-1(Desktop Applications Module 15-SP6) typelib-1_0-WebKit2WebExtension-4_1-2.46.0-150600.12.12.1.x86_64.rpmLinux
SUSE-SU-2024:3752-1(Desktop Applications Module 15-SP6) typelib-1_0-WebKit2-4_1-2.46.0-150600.12.12.1.x86_64.rpmLinux
SUSE-SU-2024:3752-1(Basesystem Module 15-SP6) typelib-1_0-WebKit2-4_0-2.46.0-150600.12.12.1.x86_64.rpmLinux
SUSE-SU-2024:3752-1(Development Tools Module 15-SP6) typelib-1_0-WebKit-6_0-2.46.0-150600.12.12.1.x86_64.rpmLinux
SUSE-SU-2024:3752-1(Development Tools Module 15-SP6) typelib-1_0-JavaScriptCore-6_0-2.46.0-150600.12.12.1.x86_64.rpmLinux
SUSE-SU-2024:3752-1(Desktop Applications Module 15-SP6) typelib-1_0-JavaScriptCore-4_1-2.46.0-150600.12.12.1.x86_64.rpmLinux
SUSE-SU-2024:3752-1(Development Tools Module 15-SP6) webkit2gtk4-devel-2.46.0-150600.12.12.1.x86_64.rpmLinux
SUSE-SU-2024:3752-1(Basesystem Module 15-SP6) webkitgtk-6_0-injected-bundles-debuginfo-2.46.0-150600.12.12.1.x86_64.rpmLinux
SUSE-SU-2024:3752-1(Basesystem Module 15-SP6) webkitgtk-6_0-injected-bundles-2.46.0-150600.12.12.1.x86_64.rpmLinux
SUSE-SU-2024:3752-1(Basesystem Module 15-SP6) WebKitGTK-6.0-lang-2.46.0-150600.12.12.1.noarch.rpmLinux
SUSE-SU-2024:3752-1(Desktop Applications Module 15-SP6) WebKitGTK-4.1-lang-2.46.0-150600.12.12.1.noarch.rpmLinux
SUSE-SU-2024:3752-1(Basesystem Module 15-SP6) WebKitGTK-4.0-lang-2.46.0-150600.12.12.1.noarch.rpmLinux
SUSE-SU-2024:3752-1(Basesystem Module 15-SP6) webkit2gtk4-debugsource-2.46.0-150600.12.12.1.x86_64.rpmLinux
SUSE-SU-2024:3752-1(Basesystem Module 15-SP6) webkit2gtk3-soup2-devel-2.46.0-150600.12.12.1.x86_64.rpmLinux
SUSE-SU-2024:3752-1(Basesystem Module 15-SP6) webkit2gtk3-soup2-debugsource-2.46.0-150600.12.12.1.x86_64.rpmLinux
SUSE-SU-2024:3752-1(Desktop Applications Module 15-SP6) webkit2gtk3-devel-2.46.0-150600.12.12.1.x86_64.rpmLinux
SUSE-SU-2024:3752-1(Desktop Applications Module 15-SP6) webkit2gtk3-debugsource-2.46.0-150600.12.12.1.x86_64.rpmLinux
SUSE-SU-2024:3752-1(Basesystem Module 15-SP6) libjavascriptcoregtk-6_0-1-2.46.0-150600.12.12.1.x86_64.rpmLinux
SUSE-SU-2024:3752-1(Desktop Applications Module 15-SP6) libwebkit2gtk-4_1-0-debuginfo-2.46.0-150600.12.12.1.x86_64.rpmLinux
SUSE-SU-2024:3752-1(Desktop Applications Module 15-SP6) libwebkit2gtk-4_1-0-2.46.0-150600.12.12.1.x86_64.rpmLinux
SUSE-SU-2024:3752-1(Basesystem Module 15-SP6) libwebkit2gtk-4_0-37-debuginfo-2.46.0-150600.12.12.1.x86_64.rpmLinux
SUSE-SU-2024:3752-1(Basesystem Module 15-SP6) libwebkit2gtk-4_0-37-2.46.0-150600.12.12.1.x86_64.rpmLinux
SUSE-SU-2024:3752-1(Basesystem Module 15-SP6) libjavascriptcoregtk-6_0-1-debuginfo-2.46.0-150600.12.12.1.x86_64.rpmLinux
SUSE-SU-2024:3752-1(Basesystem Module 15-SP6) typelib-1_0-JavaScriptCore-4_0-2.46.0-150600.12.12.1.x86_64.rpmLinux
SUSE-SU-2024:3752-1(Desktop Applications Module 15-SP6) libjavascriptcoregtk-4_1-0-debuginfo-2.46.0-150600.12.12.1.x86_64.rpmLinux
SUSE-SU-2024:3752-1(Desktop Applications Module 15-SP6) libjavascriptcoregtk-4_1-0-2.46.0-150600.12.12.1.x86_64.rpmLinux
SUSE-SU-2024:3752-1(Basesystem Module 15-SP6) libjavascriptcoregtk-4_0-18-debuginfo-2.46.0-150600.12.12.1.x86_64.rpmLinux
SUSE-SU-2024:3752-1(Basesystem Module 15-SP6) libjavascriptcoregtk-4_0-18-2.46.0-150600.12.12.1.x86_64.rpmLinux
SUSE-SU-2024:3752-1(Basesystem Module 15-SP6) libwebkitgtk-6_0-4-2.46.0-150600.12.12.1.x86_64.rpmLinux
SUSE-SU-2024:3752-1(Basesystem Module 15-SP6) libwebkitgtk-6_0-4-debuginfo-2.46.0-150600.12.12.1.x86_64.rpmLinux
SUSE-SU-2024:3869-1(Desktop Applications Module 15-SP5) WebKitGTK-4.1-lang-2.46.0-150400.4.91.1.noarch.rpmLinux
SUSE-SU-2024:3869-1(Basesystem Module 15-SP5) WebKitGTK-4.0-lang-2.46.0-150400.4.91.1.noarch.rpmLinux

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-611601Mac OS - Ventura 13.7.7 (Software Update) (Auto Reboot)(Deployment-Only)
PATCH-608134Mac OS - Monterey 12.7.6 (Software Update) - AutoReboot (CVE-2024-27877)
PATCH-612607Mac OS - Sonoma 14.8.2 (Software Update)(Auto Reboot)
PATCH-609043Mac OS - Sonoma 14.7.1 (Software Update) - AutoReboot (Deployment-Only)
PATCH-609043Mac OS - Sonoma 14.7.1 (Software Update) - AutoReboot (Deployment-Only)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234