iOS 17.0.3 fixes CVE-2023-42824 and the iPhone 15 heat problem

[German]Apple released the update to iOS 17.0.3 for compatible iPhone models on October 4, 2023. On the one hand, this update is supposed to close the vulnerability CVE-2023-42824 in libvpx. On the other hand, Apple promises to fix the heat problem in the iPhone 15 Pro, which is unsettling some users.


Advertising

In the following tweet, Will Dormann points out this security update to iOS 17.0.3 from October 4, 2023. For iPads, there is the update to iPadOS 17.0.3.

The release notes list some fixed vulnerabilities. In the kernel, there is the vulnerability CVE-2023-42824, via which a local attacker can possibly extend his privileges. Apple is aware of a report that this issue can be actively exploited for iOS versions prior to iOS 16.6. The issue has been fixed with improved checks.

Furthermore, it fixes the CVE-2023-5217 vulnerability in WebRTC, which allows arbitrary code execution via buffer overflow. The fix comes by updating the vulnerable library to libvpx 1.13.1.

iPhone 15 heat problem fixed

There have been reports from iPhone owners for days that their iPhone 15 Pro Max is throttled due to thermal issues. I had reported about this issue in the German blog post Hat Apples iPhone 15 Pro Max ein Hitzeproblem? Later, Apple confirmed the issue and talked about it being a bug and not a design issue. With the update to iOS 17.0.3, this heat problem is said to have been fixed as well.


Advertising

The update to iOS 17.0.3 is available for iPhone XS and above, iPad Pro 12.9-inch 2nd generation and above, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and above, iPad Air 3rd generation and above, iPad 6th generation and above, and iPad mini 5th generation and above.

BTW: I just came across the article Warning: BMW Wireless Charging May Break iPhone 15's Apple Pay Chip from MacRumors, which describes another possible problem.


Cookies helps to fund this blog: Cookie settings
Advertising


##1

This entry was posted in devices, ios, issue, Security, Update and tagged , , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *