[<prev] [next>] [day] [month] [year] [list]
Message-id: <6152C7B8-09AD-43A3-8914-FFB6381BA976@lists.apple.com>
Date: Thu, 29 Mar 2018 16:57:59 -0700
From: Apple Product Security <product-security-noreply@...ts.apple.com>
To: security-announce@...ts.apple.com
Subject: [FD] APPLE-SA-2018-3-29-5 macOS High Sierra 10.13.4,
Security Update 2018-002 Sierra, and Security Update 2018-002 El Capitan
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
APPLE-SA-2018-3-29-5 macOS High Sierra 10.13.4, Security Update
2018-002 Sierra, and Security Update 2018-002 El Capitan
Admin Framework
Available for: macOS High Sierra 10.13.3
Impact: Passwords supplied to sysadminctl may be exposed to other
local users
Description: The sysadminctl command-line tool required that
passwords be passed to it in its arguments, potentially exposing the
passwords to other local users. This update makes the password
parameter optional, and sysadminctl will prompt for the password if
needed.
CVE-2018-4170: an anonymous researcher
APFS
Available for: macOS High Sierra 10.13.3
Impact: An APFS volume password may be unexpectedly truncated
Description: An injection issue was addressed through improved input
validation.
CVE-2018-4105: David J Beitey (@davidjb_), Geoffrey Bugniot
ATS
Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, macOS
High Sierra 10.13.3
Impact: Processing a maliciously crafted file might disclose user
information
Description: A validation issue existed in the handling of symlinks.
This issue was addressed through improved validation of symlinks.
CVE-2018-4112: Haik Aftandilian of Mozilla
CFNetwork Session
Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6
Impact: An application may be able to gain elevated privileges
Description: A race condition was addressed with additional
validation.
CVE-2018-4166: Samuel Groß (@5aelo)
CoreFoundation
Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, macOS
High Sierra 10.13.3
Impact: An application may be able to gain elevated privileges
Description: A race condition was addressed with additional
validation.
CVE-2018-4155: Samuel Groß (@5aelo)
CVE-2018-4158: Samuel Groß (@5aelo)
CoreText
Available for: macOS High Sierra 10.13.3
Impact: Processing a maliciously crafted string may lead to a denial
of service
Description: A denial of service issue was addressed through improved
memory handling.
CVE-2018-4142: Robin Leroy of Google Switzerland GmbH
CoreTypes
Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6
Impact: Processing a maliciously crafted webpage may result in the
mounting of a disk image
Description: A logic issue was addressed with improved restrictions.
CVE-2017-13890: Apple, Theodor Ragnar Gislason of Syndis
curl
Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6
Impact: Multiple issues in curl
Description: An integer overflow existed in curl. This issue was
addressed through improved bounds checking.
CVE-2017-8816: an anonymous researcher
Disk Images
Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, macOS
High Sierra 10.13.3
Impact: Mounting a malicious disk image may result in the launching
of an application
Description: A logic issue was addressed with improved validation.
CVE-2018-4176: Theodor Ragnar Gislason of Syndis
Disk Management
Available for: macOS High Sierra 10.13.3
Impact: An APFS volume password may be unexpectedly truncated
Description: An injection issue was addressed through improved input
validation.
CVE-2018-4108: Kamatham Chaitanya of ShiftLeft Inc., an anonymous
researcher
File System Events
Available for: macOS High Sierra 10.13.3
Impact: An application may be able to gain elevated privileges
Description: A race condition was addressed with additional
validation.
CVE-2018-4167: Samuel Groß (@5aelo)
iCloud Drive
Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, macOS
High Sierra 10.13.3
Impact: An application may be able to gain elevated privileges
Description: A race condition was addressed with additional
validation.
CVE-2018-4151: Samuel Groß (@5aelo)
Intel Graphics Driver
Available for: macOS High Sierra 10.13.3
Impact: An application may be able to execute arbitrary code with
system privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2018-4132: Axis and pjf of IceSword Lab of Qihoo 360
IOFireWireFamily
Available for: macOS High Sierra 10.13.3
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2018-4135: Xiaolong Bai and Min (Spark) Zheng of Alibaba Inc.
Kernel
Available for: macOS High Sierra 10.13.3
Impact: A malicious application may be able to execute arbitrary code
with kernel privileges
Description: Multiple memory corruption issues were addressed with
improved memory handling.
CVE-2018-4150: an anonymous researcher
Kernel
Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, macOS
High Sierra 10.13.3
Impact: An application may be able to read restricted memory
Description: A validation issue was addressed with improved input
sanitization.
CVE-2018-4104: The UK's National Cyber Security Centre (NCSC)
Kernel
Available for: macOS High Sierra 10.13.3
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2018-4143: derrek (@derrekr6)
Kernel
Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, macOS
High Sierra 10.13.3
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: An out-of-bounds read was addressed through improved
bounds checking.
CVE-2018-4136: Jonas Jensen of lgtm.com and Semmle
Kernel
Available for: macOS High Sierra 10.13.3
Impact: An application may be able to execute arbitrary code with
system privileges
Description: An out-of-bounds read was addressed through improved
bounds checking.
CVE-2018-4160: Jonas Jensen of lgtm.com and Semmle
kext tools
Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, macOS
High Sierra 10.13.3
Impact: An application may be able to execute arbitrary code with
system privileges
Description: A logic issue existed resulting in memory corruption.
This was addressed with improved state management.
CVE-2018-4139: Ian Beer of Google Project Zero
LaunchServices
Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, macOS
High Sierra 10.13.3
Impact: A maliciously crafted application may be able to bypass code
signing enforcement
Description: A logic issue was addressed with improved validation.
CVE-2018-4175: Theodor Ragnar Gislason of Syndis
Mail
Available for: macOS High Sierra 10.13.3
Impact: An attacker in a privileged network position may be able to
exfiltrate the contents of S/MIME-encrypted e-mail
Description: An issue existed in the handling of S/MIME HTML e-mail.
This issue was addressed by not loading remote resources on S/MIME
encrypted messages by default if the message has an invalid or
missing S/MIME signature.
CVE-2018-4111: an anonymous researcher
Mail
Available for: macOS High Sierra 10.13.3
Impact: An attacker in a privileged network position may be able to
intercept the contents of S/MIME-encrypted e-mail
Description: An inconsistent user interface issue was addressed with
improved state management.
CVE-2018-4174: an anonymous researcher, an anonymous researcher
Notes
Available for: macOS High Sierra 10.13.3
Impact: An application may be able to gain elevated privileges
Description: A race condition was addressed with additional
validation.
CVE-2018-4152: Samuel Groß (@5aelo)
NSURLSession
Available for: macOS High Sierra 10.13.3
Impact: An application may be able to gain elevated privileges
Description: A race condition was addressed with additional
validation.
CVE-2018-4166: Samuel Groß (@5aelo)
NVIDIA Graphics Drivers
Available for: macOS High Sierra 10.13.3
Impact: An application may be able to read restricted memory
Description: A validation issue was addressed with improved input
sanitization.
CVE-2018-4138: Axis and pjf of IceSword Lab of Qihoo 360
PDFKit
Available for: macOS High Sierra 10.13.3
Impact: Clicking a URL in a PDF may visit a malicious website
Description: An issue existed in the parsing of URLs in PDFs. This
issue was addressed through improved input validation.
CVE-2018-4107: an anonymous researcher
PluginKit
Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, macOS
High Sierra 10.13.3
Impact: An application may be able to gain elevated privileges
Description: A race condition was addressed with additional
validation.
CVE-2018-4156: Samuel Groß (@5aelo)
Quick Look
Available for: macOS High Sierra 10.13.3
Impact: An application may be able to gain elevated privileges
Description: A race condition was addressed with additional
validation.
CVE-2018-4157: Samuel Groß (@5aelo)
Security
Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, macOS
High Sierra 10.13.3
Impact: A malicious application may be able to elevate privileges
Description: A buffer overflow was addressed with improved size
validation.
CVE-2018-4144: Abraham Masri (@cheesecakeufo)
Storage
Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, macOS
High Sierra 10.13.3
Impact: An application may be able to gain elevated privileges
Description: A race condition was addressed with additional
validation.
CVE-2018-4154: Samuel Groß (@5aelo)
System Preferences
Available for: macOS High Sierra 10.13.3
Impact: A configuration profile may incorrectly remain in effect
after removal
Description: An issue existed in CFPreferences. This issue was
addressed through improved preferences cleanup.
CVE-2018-4115: Johann Thalakada, Vladimir Zubkov, and Matt Vlasach of
Wandera
Terminal
Available for: OS X El Capitan 10.11.6, macOS Sierra 10.12.6, macOS
High Sierra 10.13.3
Impact: Pasting malicious content may lead to arbitrary command
execution spoofing
Description: A command injection issue existed in the handling of
Bracketed Paste Mode. This issue was addressed through improved
validation of special characters.
CVE-2018-4106: Simon Hosie
WindowServer
Available for: macOS High Sierra 10.13.3
Impact: An unprivileged application may be able to log keystrokes
entered into other applications even when secure input mode is
enabled
Description: By scanning key states, an unprivileged application
could log keystrokes entered into other applications even when secure
input mode was enabled. This issue was addressed by improved state
management.
CVE-2018-4131: Andreas Hegenberg of folivora.AI GmbH
Installation note:
macOS High Sierra 10.13.4, Security Update 2018-002 Sierra, and
Security Update 2018-002 El Capitan may be obtained from the
Mac App Store or Apple's Software Downloads web site:
https://support.apple.com/downloads/
Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQJdBAEBCgBHFiEEcuX4rtoRe4X62yWlg6PvjDRstEYFAlq9Gl4pHHByb2R1Y3Qt
c2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQg6PvjDRstEbLsBAA
ulM5yGdq+lKTJ1XYrVVdH9k5QStzg551Ss0sHS84bC6p5AzSh+mFHITJDKyF3H+M
To0SoSwzdHrEmXNZ2LPAz9C0h9FSFh4AAhz3Fng4Qbd4L+Q+MypPnrpVZIMO9Iy8
srwJzbpa3LQ9Nq6NGmTD68wTyN2hjdcIc/ifsBev71HGx695Axr9tEV4PBzXyhZE
aZpUBc1e7PvDzLh4VjVRRfk591zRjzEGWuZH/1kbwmFuIBqb3BCaL6MQ4sFZUPw9
L26Q/RrFDA9KMb2P0K1EA2kTEoqAu51d31SgSGe8AskUdPaVE33juxXGde3LT+5F
OdfZ4iDc7MB808CU7aauzsed0DgYUPnenphj/+iIsZm//8fUt2YKCHT48uS8mjBp
W2rClecQ3J+nz3hmvoR5/tvJ2QsiZtir2CsGbZ7nLhxaNu098yJ22fQPpJeHy0pr
CIgp5qsNs0Qej7VOkjFWWPBvKwDYhnTInR8tHSHtxyUiG+voLGnMXKv94kPqMhUZ
Byhosi55N9wGEmAhHmjFr71E8H4gU1ZbKQo0UYulnXd22vzBWrPX5BQW9F0xLSMT
6mbkCh3gSWyVvhcCbQ/v3ajWoaC4ZyyUllLgpSZgr5bFt9YJGAVLngRX47oI27uS
8tPmXxjKq86HBH8Otmicu/yb9qf5d3lb/TwMawbH/iU=
=Xshl
-----END PGP SIGNATURE-----
_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/
Powered by blists - more mailing lists