lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date: Wed, 8 Apr 2015 13:17:43 -0700
From: Apple Product Security <product-security-noreply@...ts.apple.com>
To: security-announce@...ts.apple.com
Subject: APPLE-SA-2015-04-08-4 Apple TV 7.2

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

APPLE-SA-2015-04-08-4 Apple TV 7.2

Apple TV 7.2 is now available and addresses the following:

Apple TV
Available for:  Apple TV 3rd generation and later
Impact:  A malicious application may be able to execute arbitrary
code with system privileges
Description:  A validation issue existed in IOKit objects used by an
audio driver. This issue was addressed through improved validation of
metadata.
CVE-ID
CVE-2015-1086

Apple TV
Available for:  Apple TV 3rd generation and later
Impact:  An application using NSXMLParser may be misused to disclose
information
Description:  An XML External Entity issue existed in NSXMLParser's
handling of XML. This issue was addressed by not loading external
entities across origins.
CVE-ID
CVE-2015-1092 : Ikuya Fukumoto

Apple TV
Available for:  Apple TV 3rd generation and later
Impact:  A malicious application may be able to determine kernel
memory layout
Description:  An issue existed in IOAcceleratorFamily that led to the
disclosure of kernel memory content. This issue was addressed by
removing unneeded code.
CVE-ID
CVE-2015-1094 : Cererdlong of Alibaba Mobile Security Team

Apple TV
Available for:  Apple TV 3rd generation and later
Impact:  A malicious HID device may be able to cause arbitrary code
execution
Description:  A memory corruption issue existed in an IOHIDFamily
API. This issue was addressed through improved memory handling.
CVE-ID
CVE-2015-1095 : Andrew Church

Apple TV
Available for:  Apple TV 3rd generation and later
Impact:  A malicious application may be able to determine kernel
memory layout
Description:  An issue existed in IOHIDFamily that led to the
disclosure of kernel memory content. This issue was addressed through
improved bounds checking.
CVE-ID
CVE-2015-1096 : Ilja van Sprundel of IOActive

Apple TV
Available for:  Apple TV 3rd generation and later
Impact:  A malicious application may be able to determine kernel
memory layout
Description:  An issue existed in MobileFrameBuffer that led to the
disclosure of kernel memory content. This issue was addressed through
improved bounds checking.
CVE-ID
CVE-2015-1097 : Barak Gabai of the IBM X-Force Application Security
Research Team

Apple TV
Available for:  Apple TV 3rd generation and later
Impact:  A malicious application may be able to cause a system denial
of service
Description:  A race condition existed in the kernel's setreuid
system call. This issue was addressed through improved state
management.
CVE-ID
CVE-2015-1099 : Mark Mentovai of Google Inc.

Apple TV
Available for:  Apple TV 3rd generation and later
Impact:  A malicious application may escalate privileges using a
compromised service intended to run with reduced privileges
Description:  setreuid and setregid system calls failed to drop
privileges permanently. This issue was addressed by correctly
dropping privileges.
CVE-ID
CVE-2015-1117 : Mark Mentovai of Google Inc.

Apple TV
Available for:  Apple TV 3rd generation and later
Impact:  A malicious application may be able to cause unexpected
system termination or read kernel memory
Description:  A out of bounds memory access issue existed in the
kernel. This issue was addressed through improved memory handling.
CVE-ID
CVE-2015-1100 : Maxime Villard of m00nbsd

Apple TV
Available for:  Apple TV 3rd generation and later
Impact:  A malicious application may be able to execute arbitrary
code with system privileges
Description:  A memory corruption issue existed in the kernel. This
issue was addressed through improved memory handling.
CVE-ID
CVE-2015-1101 : lokihardt@...T working with HP's Zero Day Initiative

Apple TV
Available for:  Apple TV 3rd generation and later
Impact:  An attacker with a privileged network position may be able
to cause a denial of service
Description:  A state inconsistency existed in the processing of TCP
headers. This issue was addressed through improved state handling.
CVE-ID
CVE-2015-1102 : Andrey Khudyakov and Maxim Zhuravlev of Kaspersky Lab

Apple TV
Available for:  Apple TV 3rd generation and later
Impact:  An attacker with a privileged network position may be able
to redirect user traffic to arbitrary hosts
Description:  ICMP redirects were enabled by default on iOS. This
issue was addressed by disabling ICMP redirects.
CVE-ID
CVE-2015-1103 : Zimperium Mobile Security Labs

Apple TV
Available for:  Apple TV 3rd generation and later
Impact:  A remote attacker may be able to bypass network filters
Description:  The system would treat some IPv6 packets from remote
network interfaces as local packets. The issue was addressed by
rejecting these packets.
CVE-ID
CVE-2015-1104 : Stephen Roettger of the Google Security Team

Apple TV
Available for:  Apple TV 3rd generation and later
Impact:  A remote attacker may be able to cause a denial of service
Description:  A state inconsistency issue existed in the handling of
TCP out of band data. This issue was addressed through improved state
management.
CVE-ID
CVE-2015-1105 : Kenton Varda of Sandstorm.io

Apple TV
Available for:  Apple TV 3rd generation and later
Impact:  Processing a maliciously crafted configuration profile may
lead to unexpected application termination
Description:  A memory corruption issue existed in the handling of
configuration profiles. This issue was addressed through improved
bounds checking.
CVE-ID
CVE-2015-1118 : Zhaofeng Chen, Hui Xue, Yulong Zhang, and Tao Wei of
FireEye, Inc.

Apple TV
Available for:  Apple TV 3rd generation and later
Impact:  Unnecessary information may be sent to external servers when
downloading podcast assets
Description:  When downloading assets for podcast a user was
subscribed to, unique identifiers were sent to external servers. This
issue was resolved by removing these identifiers.
CVE-ID
CVE-2015-1110 : Alex Selivanov

Apple TV
Available for:  Apple TV 3rd generation and later
Impact:  Hardware identifiers may be accessible by third-party apps
Description:  An information disclosure issue existed in the third-
party app sandbox. This issue was addressed by improving the sandbox
profile.
CVE-ID
CVE-2015-1114

Apple TV
Available for:  Apple TV 3rd generation and later
Impact:  Visiting a maliciously crafted website may lead to arbitrary
code execution
Description:  Multiple memory corruption issues existed in WebKit.
These issues were addressed through improved memory handling.
CVE-ID
CVE-2015-1068 : Apple
CVE-2015-1069 : lokihardt@...T working with HP's Zero Day Initiative
CVE-2015-1070 : Apple
CVE-2015-1071 : Apple
CVE-2015-1072
CVE-2015-1073 : Apple
CVE-2015-1074 : Apple
CVE-2015-1076
CVE-2015-1077 : Apple
CVE-2015-1078 : Apple
CVE-2015-1079 : Apple
CVE-2015-1080 : Apple
CVE-2015-1081 : Apple
CVE-2015-1082 : Apple
CVE-2015-1083 : Apple
CVE-2015-1119 : Renata Hodovan of University of Szeged / Samsung
Electronics
CVE-2015-1120 : Apple
CVE-2015-1121 : Apple
CVE-2015-1122 : Apple
CVE-2015-1123 : Randy Luecke and Anoop Menon of Google Inc.
CVE-2015-1124 : Apple

Installation note:

Apple TV will periodically check for software updates. Alternatively,
you may manually check for software updates by selecting
"Settings -> General -> Update Software".

To check the current version of software, select
"Settings -> General -> About".

Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT1222
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.22 (Darwin)
Comment: GPGTools - https://gpgtools.org

iQIcBAEBCgAGBQJVJHMgAAoJEBcWfLTuOo7tjVUP/3e7Bo8L4f4+EFs7jkhKVzP5
6LxAuhAtXu+476K1iDKOwa0gyLu8ftp95Af0rgUHjqmNGgsrAYZPgG8Q3HzS/RpK
1JyShFHNIF87sqVGYfVpRthO10yRAQxNmJ/6zGTRU/Djwb/FBZyrMcbG0SMZ47KX
CerNerPwiI7dzKWWNHgvmj9ydJU9bSyI5bgweQ565BLKs0Lar8aqj6A/iV1Ekltn
A33LSrgMTgK+pjUl1CwQLZ05x9YPpCGXsA55u3MApfL2ZdoOk0VBpi/e56JrSq1J
BioCyTJn+DwDY+FjGg5vCjeGJGq4zQ/2SsLQwKLiK6Fje68LutNtrqPtNApWabh3
j876IiLpih2ZMV4KgqvCrkkMI2fkXlVOMLKUhI+UHJ4aWJTNprRwLbaJ7boQ9TCy
MJ9B39iPJtyZWtorXBUc0RC2N1HLj5ONZut6FtRkIoiMTaGe6ejbvM39BWC+1sgW
PsAYkvrEKzTcSdC6yY1RI2bufBD9SgtMD8f6y/q912uHf55poPSR9SV1iV5Tzftz
UPvxGTLlmcXzU52nlSZNYEp4U9Nh02ltUYhs6MptoVvHf4MZW9TaIj9YpBNdVMvb
vjB3UoPyAAb4GUqqVK6l5c6wlCyoCRg6Z86a99bW7PKBUP5C0LEzqwbZIMCkrX3i
iPMObURhCq+xIYRUTKXE
=ktgN
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ