A critical Use After Free vulnerability (CVE-2023-28205) was discovered and addressed in Apple's operating systems and software, including iOS, iPadOS, Safari, and macOS. Apple fixed the issue with improved memory management; before the fix, processing maliciously crafted web content could lead to arbitrary code execution. Apple has acknowledged that this vulnerability may have been actively exploited.

Details

A Use After Free vulnerability is a type of memory corruption issue that occurs when an application manages memory allocations incorrectly: a memory block that was in use is freed, and the application then accesses it again without allocating new memory. Attackers can exploit such a vulnerability to inject malicious code or perform unauthorized actions on an affected system.

In this case, CVE-2023-28205 affected the way Apple's operating systems managed memory allocations while processing web content. Apple resolved this issue with better memory management and released security updates for iOS 15.7.5, iPadOS 15.7.5, Safari 16.4.1, iOS 16.4.1, and iPadOS 16.4.1, along with macOS Ventura 13.3.1.

Arbitrary code execution could occur when a user visits a maliciously crafted web page containing the exploit. Apple has received reports that this vulnerability may have been actively exploited, underlining the importance of applying these security updates as soon as possible.
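
A patch-compliance check built from the fixed versions listed above, as an added example that is not Apple's code and not part of the original page. The inventory rows, host names and status labels are assumptions of this example; release lines for which this page lists no fix are reported separately rather than guessed.

```python
import re

# Fixed releases for CVE-2023-28205 as listed on this page, per product.
FIXED = {
    "iOS": [(15, 7, 5), (16, 4, 1)],
    "iPadOS": [(15, 7, 5), (16, 4, 1)],
    "macOS": [(13, 3, 1)],  # macOS Ventura
    "Safari": [(16, 4, 1)],
}

def parse_version(text):
    """Return (major, minor, patch) from strings such as '16.4' or '16.4.1 (a)'."""
    m = re.match(r"\s*(\d+(?:\.\d+){0,2})", text)
    if not m:
        raise ValueError(f"unparseable version: {text!r}")
    parts = [int(p) for p in m.group(1).split(".")]
    return tuple(parts + [0] * (3 - len(parts)))

def patch_status(product, version):
    """Classify one installed version against the fixed releases above."""
    fixes = FIXED.get(product)
    if fixes is None:
        return "unknown-product"
    v = parse_version(version)
    if v >= max(fixes):          # at or beyond the newest fixed release
        return "patched"
    for fix in fixes:            # otherwise compare within the same major line
        if fix[0] == v[0]:
            return "patched" if v >= fix else "vulnerable"
    return "no-fix-listed"       # this release line has no fix listed on the page

def audit(inventory):
    """Return (host, product, version, status) for every row that is not patched."""
    findings = []
    for host, product, version in inventory:
        status = patch_status(product, version)
        if status != "patched":
            findings.append((host, product, version, status))
    return findings

if __name__ == "__main__":
    # Constructed sample inventory (hypothetical hosts).
    sample = [("phone-01", "iOS", "16.4"), ("phone-02", "iOS", "16.4.1 (a)"),
              ("tablet-01", "iPadOS", "15.7.4"), ("mac-01", "macOS", "13.3.1"),
              ("mac-02", "macOS", "12.6.5"), ("mac-02", "Safari", "16.4.1")]
    for row in audit(sample):
        print(*row, sep="\t")
```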

Code Snippet

Here is a proof-of-concept code snippet demonstrating the Use After Free vulnerability (CVE-2023-28205):

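// PoC exploit code for CVE-2023-28205
// VulnerableObject is a placeholder that is not defined on this page;
// the snippet only shows the free-then-use pattern.
function triggerUseAfterFree() {
  let obj = new VulnerableObject();
  let stale = obj; // Second reference that outlives the free
  obj.free(); // Free the memory while a reference to it still exists
  obj = null;

  // Allocate heavily to encourage garbage collection, assuming it happens after this
  for (let i = 0; i < 1e5; i++) {
    let tmp = new Array(1e2).join(String(i));
  }

  // Access the freed memory through the stale reference (use after free)
  let leakedData = stale.accessFreedMemory();
  console.log("Leaked data:", leakedData);
}

triggerUseAfterFree();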

Original References

Apple has published official advisories regarding this vulnerability, listing affected versions and products:

- About the security content of iOS 15.7.5 and iPadOS 15.7.5
- About the security content of Safari 16.4.1
- About the security content of iOS 16.4.1 and iPadOS 16.4.1
- About the security content of macOS Ventura 13.3.1

Exploit Details

Due to the nature of this vulnerability, it is crucial for Apple users to update their devices with the latest security updates promptly. Using unpatched systems increases the risk of attackers exploiting the reported vulnerability to execute arbitrary code through crafted web content.

Apple has not provided detailed information regarding the active exploitation of this vulnerability; however, given its acknowledgment, users should assume this is an ongoing threat.

Conclusion

CVE-2023-28205 demonstrates the importance of continuous patching and maintenance of devices and software. Apple users should promptly install the latest security updates that address this critical Use After Free vulnerability to protect against potential exploitation.

Timeline

Published on: 04/10/2023 19:15:00 UTC
Last modified on: 04/11/2023 14:36:00 UTC