| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-id: <A63415D5-F310-48E7-907C-C16ED3174D08@lists.apple.com> Date: Mon, 29 Jul 2024 16:13:26 -0700 From: Apple Product Security via Fulldisclosure <fulldisclosure@...lists.org> To: security-announce@...ts.apple.com Subject: [FD] APPLE-SA-07-29-2024-5 macOS Ventura 13.6.8 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-07-29-2024-5 macOS Ventura 13.6.8 macOS Ventura 13.6.8 addresses the following issues. Information about the security content is also available at https://support.apple.com/HT214120. Apple maintains a Security Releases page at https://support.apple.com/HT201222 which lists recent software updates with security advisories. APFS Available for: macOS Ventura Impact: A malicious application may be able to bypass Privacy preferences Description: The issue was addressed with improved restriction of data container access. CVE-2024-40783: Csaba Fitzl (@theevilbit) of Kandji Apple Neural Engine Available for: macOS Ventura Impact: An app may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved memory handling. CVE-2024-27826: Minghao Lin, and Ye Zhang (@VAR10CK) of Baidu Security AppleMobileFileIntegrity Available for: macOS Ventura Impact: An app may be able to bypass Privacy preferences Description: A downgrade issue was addressed with additional code- signing restrictions. CVE-2024-40774: Mickey Jin (@patch1t) AppleMobileFileIntegrity Available for: macOS Ventura Impact: An app may be able to leak sensitive user information Description: A downgrade issue was addressed with additional code- signing restrictions. CVE-2024-40775: Mickey Jin (@patch1t) AppleVA Available for: macOS Ventura Impact: Processing a maliciously crafted file may lead to a denial-of- service or potentially disclose memory contents Description: The issue was addressed with improved memory handling. CVE-2024-27877: Michael DePlante (@izobashi) of Trend Micro Zero Day Initiative CoreGraphics Available for: macOS Ventura Impact: Processing a maliciously crafted file may lead to unexpected app termination Description: An out-of-bounds read issue was addressed with improved input validation. CVE-2024-40799: D4m0n CoreMedia Available for: macOS Ventura Impact: Processing a maliciously crafted video file may lead to unexpected app termination Description: An out-of-bounds write issue was addressed with improved input validation. CVE-2024-27873: Amir Bazine and Karsten König of CrowdStrike Counter Adversary Operations curl Available for: macOS Ventura Impact: Multiple issues in curl Description: This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org. CVE-2024-2004 CVE-2024-2379 CVE-2024-2398 CVE-2024-2466 DesktopServices Available for: macOS Ventura Impact: An app may be able to overwrite arbitrary files Description: The issue was addressed with improved checks. CVE-2024-40827: an anonymous researcher dyld Available for: macOS Ventura Impact: A malicious attacker with arbitrary read and write capability may be able to bypass Pointer Authentication Description: A race condition was addressed with additional validation. CVE-2024-40815: w0wbox ImageIO Available for: macOS Ventura Impact: Processing an image may lead to a denial-of-service Description: This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org. CVE-2023-6277 CVE-2023-52356 ImageIO Available for: macOS Ventura Impact: Processing a maliciously crafted file may lead to unexpected app termination Description: An out-of-bounds read issue was addressed with improved input validation. CVE-2024-40806: Yisumi ImageIO Available for: macOS Ventura Impact: Processing a maliciously crafted file may lead to unexpected app termination Description: An integer overflow was addressed with improved input validation. CVE-2024-40784: Junsung Lee working with Trend Micro Zero Day Initiative and Gandalf4a Kernel Available for: macOS Ventura Impact: A local attacker may be able to cause unexpected system shutdown Description: An out-of-bounds read was addressed with improved input validation. CVE-2024-40816: sqrtpwn Kernel Available for: macOS Ventura Impact: A local attacker may be able to cause unexpected system shutdown Description: A type confusion issue was addressed with improved memory handling. CVE-2024-40788: Minghao Lin and Jiaxun Zhu from Zhejiang University Keychain Access Available for: macOS Ventura Impact: An attacker may be able to cause unexpected app termination Description: A type confusion issue was addressed with improved checks. CVE-2024-40803: Patrick Wardle of DoubleYou & the Objective-See Foundation NetworkExtension Available for: macOS Ventura Impact: Private browsing may leak some browsing history Description: A privacy issue was addressed with improved private data redaction for log entries. CVE-2024-40796: Adam M. OpenSSH Available for: macOS Ventura Impact: A remote attacker may be able to cause arbitrary code execution Description: This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org. CVE-2024-6387 PackageKit Available for: macOS Ventura Impact: A local attacker may be able to elevate their privileges Description: The issue was addressed with improved checks. CVE-2024-40781: Mickey Jin (@patch1t) CVE-2024-40802: Mickey Jin (@patch1t) PackageKit Available for: macOS Ventura Impact: An app may be able to access user-sensitive data Description: The issue was addressed with improved checks. CVE-2024-40823: Zhongquan Li (@Guluisacat) from Dawn Security Lab of JingDong PackageKit Available for: macOS Ventura Impact: An app may be able to modify protected parts of the file system Description: A permissions issue was addressed with additional restrictions. CVE-2024-27882: Mickey Jin (@patch1t) CVE-2024-27883: Csaba Fitzl (@theevilbit) of Kandji and Mickey Jin (@patch1t) Restore Framework Available for: macOS Ventura Impact: An app may be able to modify protected parts of the file system Description: An input validation issue was addressed with improved input validation. CVE-2024-40800: Claudio Bozzato and Francesco Benvenuto of Cisco Talos. Safari Available for: macOS Ventura Impact: Visiting a website that frames malicious content may lead to UI spoofing Description: The issue was addressed with improved UI handling. CVE-2024-40817: Yadhu Krishna M and Narendra Bhati, Manager of Cyber Security At Suma Soft Pvt. Ltd, Pune (India) Scripting Bridge Available for: macOS Ventura Impact: An app may be able to access information about a user’s contacts Description: A privacy issue was addressed with improved private data redaction for log entries. CVE-2024-27881: Kirin (@Pwnrin) Security Available for: macOS Ventura Impact: Third party app extensions may not receive the correct sandbox restrictions Description: An access issue was addressed with additional sandbox restrictions. CVE-2024-40821: Joshua Jones Security Available for: macOS Ventura Impact: An app may be able to read Safari's browsing history Description: This issue was addressed with improved redaction of sensitive information. CVE-2024-40798: Adam M. Shortcuts Available for: macOS Ventura Impact: A shortcut may be able to use sensitive data with certain actions without prompting the user Description: A logic issue was addressed with improved checks. CVE-2024-40833: an anonymous researcher CVE-2024-40807: an anonymous researcher CVE-2024-40835: an anonymous researcher Shortcuts Available for: macOS Ventura Impact: A shortcut may be able to bypass sensitive Shortcuts app settings Description: This issue was addressed by adding an additional prompt for user consent. CVE-2024-40834: Marcio Almeida from Tanto Security Shortcuts Available for: macOS Ventura Impact: A shortcut may be able to bypass Internet permission requirements Description: This issue was addressed by adding an additional prompt for user consent. CVE-2024-40787: an anonymous researcher Shortcuts Available for: macOS Ventura Impact: An app may be able to access user-sensitive data Description: This issue was addressed by removing the vulnerable code. CVE-2024-40793: Kirin (@Pwnrin) Shortcuts Available for: macOS Ventura Impact: A shortcut may be able to bypass Internet permission requirements Description: A logic issue was addressed with improved checks. CVE-2024-40809: an anonymous researcher CVE-2024-40812: an anonymous researcher Siri Available for: macOS Ventura Impact: An attacker with physical access may be able to use Siri to access sensitive user data Description: This issue was addressed by restricting options offered on a locked device. CVE-2024-40818: Bistrit Dahal and Srijan Poudel Siri Available for: macOS Ventura Impact: An attacker may be able to view sensitive user information Description: This issue was addressed through improved state management. CVE-2024-40786: Bistrit Dahal StorageKit Available for: macOS Ventura Impact: A malicious app may be able to gain root privileges Description: The issue was addressed with improved checks. CVE-2024-40828: Mickey Jin (@patch1t) Time Zone Available for: macOS Ventura Impact: An attacker may be able to read information belonging to another user Description: A logic issue was addressed with improved state management. CVE-2024-23261: Matthew Loewen VoiceOver Available for: macOS Ventura Impact: A user may be able to view restricted content from the lock screen Description: The issue was addressed with improved checks. CVE-2024-40829: Abhay Kailasia (@abhay_kailasia) of Lakshmi Narain College of Technology Bhopal India Additional recognition Image Capture We would like to acknowledge an anonymous researcher for their assistance. Shortcuts We would like to acknowledge an anonymous researcher for their assistance. macOS Ventura 13.6.8 may be obtained from the Mac App Store or Apple's Software Downloads web site: https://support.apple.com/downloads/ All information is also posted on the Apple Security Releases web site: https://support.apple.com/HT201222. This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEsz9altA7uTI+rE/qX+5d1TXaIvoFAmaoH7EACgkQX+5d1TXa IvqsTQ/+Jcul5aQ7/a2365ebmlOow8+BOCSa8qqgvf14RJD/8Gizk1iLC/QKi2+k URry6MwFewmKcwDHICs9qdFJT8MddkQzQUab1XNUXOOrBIhxy4F6uo4MeLaVRN44 gMS1r07XBJVFm4/VRSIKarQTHE56p1UI257lGCdSDB9Qx/0WAmh512HC5ACwxCfa jJGdViI7RWp5sMKSzhaLnwQlDISdPLtuUiha/6J/iWLlYBz4HU0lxCTxYgaLkj+g 1KpGcUGCcLCsPDLzLPvtyMd6K95ZKV7Lm+/NrNInIe7L9uR3Drsbncof/LF4DcKq b+FQI2CuFDgKd8DWZSF0J+LON6BXWMlSE3X4t8Uwc0qRWarjnZp0AhpdEFINcrGD DfK6BAL4nT379Hqxv/MnnwSOPEonPV2GYo27VQD770nqPFzreGap3Nt5PnWw5lzs 9WpdCDrTUOtwuMghM++uijmsqXGco7hON3DM7hgz4UcItOujVV3YDvSRlyM9NJk/ WP8HJWEHuSGrXJ3zfmJMOM1MQAvAOLoy+zW0U7OC4nn+c1POF0odAN56m8I7+TP/ OHTBipW/KPxUQcflPPw16Ec4oY0pr/QZhAEUpq1Se+sInyoHDNdKes/5nWr1YcEg ZtwVubKayjBM4GpO/9Yf56Bt8cOHGueW2r5zuuFEX/D+607F948= =U3Ig -----END PGP SIGNATURE----- _______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: https://seclists.org/fulldisclosure/
Powered by blists - more mailing lists