CVE-2023-41983: 
Apple Safari vulnerability analysis and mitigation

CVE-2023-41983 is a vulnerability in WebKit that affects multiple Apple products including macOS Sonoma 14.1, Safari 17.1, iOS 16.7.2 and iPadOS 16.7.2, iOS 17.1 and iPadOS 17.1. The vulnerability was discovered by 이준성(Junsung Lee) and was fixed in October 2023 (Apple HT213984, Apple HT213981).

The vulnerability is related to improper memory handling in the WebKit Process Model component. When processing web content, this vulnerability could lead to a denial-of-service condition. The issue was addressed with improved memory handling (WebKit Bugzilla: 260757). The vulnerability has been assigned a CVSS v3.1 base score of 6.5 (Medium) with vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H (NVD).

When exploited, this vulnerability can lead to a denial-of-service condition when processing web content. The impact is limited to availability with no direct impact on confidentiality or integrity of the system (WebKit Advisory).

The vulnerability has been patched in multiple versions: macOS Sonoma 14.1, Safari 17.1, iOS 16.7.2 and iPadOS 16.7.2, iOS 17.1 and iPadOS 17.1. Users are recommended to update to these versions or later. For Linux distributions, fixes are available in webkit2gtk version 2.42.2 for various distributions including Debian and Fedora (Debian Advisory, Fedora Update).