| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 26 Oct 2021 16:29:37 -0700 From: Apple Product Security via Fulldisclosure <fulldisclosure@...lists.org> To: security-announce@...ts.apple.com Subject: [FD] APPLE-SA-2021-10-26-11 Additional information for APPLE-SA-2021-09-20-3 tvOS 15 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2021-10-26-11 Additional information for APPLE-SA-2021-09-20-3 tvOS 15 tvOS 15 addresses the following issues. Information about the security content is also available at https://support.apple.com/HT212815. Accessory Manager Available for: Apple TV 4K and Apple TV HD Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory consumption issue was addressed with improved memory handling. CVE-2021-30837: an anonymous researcher bootp Available for: Apple TV 4K and Apple TV HD Impact: A device may be passively tracked by its WiFi MAC address Description: A user privacy issue was addressed by removing the broadcast MAC address. CVE-2021-30866: Fabien Duchêne of UCLouvain (Belgium) Entry added October 25, 2021 CoreAudio Available for: Apple TV 4K and Apple TV HD Impact: Processing a malicious audio file may result in unexpected application termination or arbitrary code execution Description: A logic issue was addressed with improved state management. CVE-2021-30834: JunDong Xie of Ant Security Light-Year Lab Entry added October 25, 2021 FontParser Available for: Apple TV 4K and Apple TV HD Impact: Processing a maliciously crafted font may result in the disclosure of process memory Description: An out-of-bounds read was addressed with improved input validation. CVE-2021-30831: Xingwei Lin of Ant Security Light-Year Lab Entry added October 25, 2021 FontParser Available for: Apple TV 4K and Apple TV HD Impact: Processing a maliciously crafted dfont file may lead to arbitrary code execution Description: This issue was addressed with improved checks. CVE-2021-30840: Xingwei Lin of Ant Security Light-Year Lab Entry added October 25, 2021 FontParser Available for: Apple TV 4K and Apple TV HD Impact: Processing a maliciously crafted dfont file may lead to arbitrary code execution Description: This issue was addressed with improved checks. CVE-2021-30841: Xingwei Lin of Ant Security Light-Year Lab CVE-2021-30842: Xingwei Lin of Ant Security Light-Year Lab CVE-2021-30843: Xingwei Lin of Ant Security Light-Year Lab Foundation Available for: Apple TV 4K and Apple TV HD Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A type confusion issue was addressed with improved memory handling. CVE-2021-30852: Yinyi Wu (@3ndy1) of Ant Security Light-Year Lab Entry added October 25, 2021 ImageIO Available for: Apple TV 4K and Apple TV HD Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved input validation. CVE-2021-30814: hjy79425575 Entry added October 25, 2021 ImageIO Available for: Apple TV 4K and Apple TV HD Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: This issue was addressed with improved checks. CVE-2021-30835: Ye Zhang of Baidu Security CVE-2021-30847: Mike Zhang of Pangu Lab Kernel Available for: Apple TV 4K and Apple TV HD Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: A race condition was addressed with improved locking. CVE-2021-30857: Zweig of Kunlun Lab libexpat Available for: Apple TV 4K and Apple TV HD Impact: A remote attacker may be able to cause a denial of service Description: This issue was addressed by updating expat to version 2.4.1. CVE-2013-0340: an anonymous researcher Preferences Available for: Apple TV 4K and Apple TV HD Impact: A sandboxed process may be able to circumvent sandbox restrictions Description: A logic issue was addressed with improved state management. CVE-2021-30854: Zhipeng Huo (@R3dF09) and Yuebin Sun (@yuebinsun2020) of Tencent Security Xuanwu Lab (xlab.tencent.com) Sandbox Available for: Apple TV 4K and Apple TV HD Impact: A user may gain access to protected parts of the file system Description: An access issue was addressed with improved access restrictions. CVE-2021-30850: an anonymous researcher Sandbox Available for: Apple TV 4K and Apple TV HD Impact: A malicious application may be able to modify protected parts of the file system Description: This issue was addressed with improved checks. CVE-2021-30808: Csaba Fitzl (@theevilbit) of Offensive Security Entry added October 25, 2021 WebKit Available for: Apple TV 4K and Apple TV Impact: Visiting a maliciously crafted website may reveal a user's browsing history Description: The issue was resolved with additional restrictions on CSS compositing. CVE-2021-30884: an anonymous researcher Entry added October 25, 2021 WebKit Available for: Apple TV 4K and Apple TV HD Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A type confusion issue was addressed with improved state handling. CVE-2021-30818: Amar Menezes (@amarekano) of Zon8Research Entry added October 25, 2021 WebKit Available for: Apple TV 4K and Apple TV HD Impact: An attacker in a privileged network position may be able to bypass HSTS Description: A logic issue was addressed with improved restrictions. CVE-2021-30823: David Gullasch of Recurity Labs Entry added October 25, 2021 WebKit Available for: Apple TV 4K and Apple TV HD Impact: Processing a maliciously crafted audio file may disclose restricted memory Description: An out-of-bounds read was addressed with improved input validation. CVE-2021-30836: Peter Nguyen Vu Hoang of STAR Labs Entry added October 25, 2021 WebKit Available for: Apple TV 4K and Apple TV HD Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A use after free issue was addressed with improved memory management. CVE-2021-30809: an anonymous researcher Entry added October 25, 2021 WebKit Available for: Apple TV 4K and Apple TV HD Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved memory handling. CVE-2021-30846: Sergei Glazunov of Google Project Zero WebKit Available for: Apple TV 4K and Apple TV HD Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2021-30849: Sergei Glazunov of Google Project Zero WebKit Available for: Apple TV 4K and Apple TV HD Impact: Processing maliciously crafted web content may lead to code execution Description: A memory corruption vulnerability was addressed with improved locking. CVE-2021-30851: Samuel Groß of Google Project Zero Wi-Fi Available for: Apple TV 4K and Apple TV HD Impact: An attacker in physical proximity may be able to force a user onto a malicious Wi-Fi network during device setup Description: An authorization issue was addressed with improved state management. CVE-2021-30810: an anonymous researcher Additional recognition Assets We would like to acknowledge Cees Elzinga for their assistance. UIKit We would like to acknowledge an anonymous researcher for their assistance. Installation note: Apple TV will periodically check for software updates. Alternatively, you may manually check for software updates by selecting "Settings -> System -> Software Update -> Update Software." To check the current version of software, select "Settings -> General -> About." Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEePiLW1MrMjw19XzoeC9qKD1prhgFAmF4h08ACgkQeC9qKD1p rhhEthAAx/FURX2eeBUEs8f9b3gtic+n9doFTW1YozaTNM+/iDRtvk+Bo3UfLxsj hoSw+V4o4S9dDPAspKBDcAiW926pBAdJjdYHyeQnsLzlNQqTN/p5ITglsim9LU7Q rapY+JqaScfqgAwrlu7Y0kkII9rjOkOFK5wmZDkPSo8zbZftX9WRid6WmCwuf5E0 ljZhM3SRDobLoHI9691eAR1Nfl0NroQh51BTaYNzF/i64wYZdjZd2uwcs+U+GCUn pyXtYF42Z7NAymlrdC5u9jQALKDevpubluzsyTB8AZDOBAnOgMZsjHalHX9CBAYO N1S6J/FHE07rH8aWaDPUaU12ky/dl/5Zn+jycDG4SiTfK1HkL6FUvp+q9NnzM3jv 6Nm2doEaH+NRh/JW8wYaB1xmQK2gjHLHS2HPOV+1sW3rhkqqPbrl1e6doYL3ogfk AdwYFLJ3aEvufybukEUEktiVk9tLl56HTwZ+yMHC0fThzfssNWzp78Fny7MTTean TBKaqW3K7Ma5oAmy61srVlfQln7mhzqxZQh3URUADL21DqmTY4+khjTrxawUeGkh dwfJ7ee8+u5CXUcdtjhdnT+qnenEO2jA7ehzEuQ7FLuIIlfQGXJsHPWSFQBauaye msR+WcYRqGbpnBJBvkknqSjRLqUx1cBsFFBTdhVpYilkjbmWa0U= =1hbX -----END PGP SIGNATURE----- _______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
Powered by blists - more mailing lists