| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-id: <4741D216-CF88-4F49-BFE9-9DEDBB498EF4@lists.apple.com> Date: Mon, 29 Jul 2024 16:13:48 -0700 From: Apple Product Security via Fulldisclosure <fulldisclosure@...lists.org> To: security-announce@...ts.apple.com Subject: [FD] APPLE-SA-07-29-2024-6 macOS Monterey 12.7.6 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-07-29-2024-6 macOS Monterey 12.7.6 macOS Monterey 12.7.6 addresses the following issues. Information about the security content is also available at https://support.apple.com/HT214118. Apple maintains a Security Releases page at https://support.apple.com/HT201222 which lists recent software updates with security advisories. APFS Available for: macOS Monterey Impact: A malicious application may be able to bypass Privacy preferences Description: The issue was addressed with improved restriction of data container access. CVE-2024-40783: Csaba Fitzl (@theevilbit) of Kandji Apple Neural Engine Available for: macOS Monterey Impact: An app may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved memory handling. CVE-2024-27826: Minghao Lin, and Ye Zhang (@VAR10CK) of Baidu Security AppleMobileFileIntegrity Available for: macOS Monterey Impact: An app may be able to leak sensitive user information Description: A downgrade issue was addressed with additional code- signing restrictions. CVE-2024-40775: Mickey Jin (@patch1t) AppleMobileFileIntegrity Available for: macOS Monterey Impact: An app may be able to bypass Privacy preferences Description: A downgrade issue was addressed with additional code- signing restrictions. CVE-2024-40774: Mickey Jin (@patch1t) AppleVA Available for: macOS Monterey Impact: Processing a maliciously crafted file may lead to a denial-of- service or potentially disclose memory contents Description: The issue was addressed with improved memory handling. CVE-2024-27877: Michael DePlante (@izobashi) of Trend Micro Zero Day Initiative CoreGraphics Available for: macOS Monterey Impact: Processing a maliciously crafted file may lead to unexpected app termination Description: An out-of-bounds read issue was addressed with improved input validation. CVE-2024-40799: D4m0n CoreMedia Available for: macOS Monterey Impact: Processing a maliciously crafted video file may lead to unexpected app termination Description: An out-of-bounds write issue was addressed with improved input validation. CVE-2024-27873: Amir Bazine and Karsten König of CrowdStrike Counter Adversary Operations curl Available for: macOS Monterey Impact: Multiple issues in curl Description: This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org. CVE-2024-2004 CVE-2024-2379 CVE-2024-2398 CVE-2024-2466 DesktopServices Available for: macOS Monterey Impact: An app may be able to overwrite arbitrary files Description: The issue was addressed with improved checks. CVE-2024-40827: an anonymous researcher Disk Management Available for: macOS Monterey Impact: A malicious app may be able to gain root privileges Description: The issue was addressed with improved checks. CVE-2024-40828: Mickey Jin (@patch1t) ImageIO Available for: macOS Monterey Impact: Processing an image may lead to a denial-of-service Description: This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org. CVE-2023-6277 CVE-2023-52356 ImageIO Available for: macOS Monterey Impact: Processing a maliciously crafted file may lead to unexpected app termination Description: An out-of-bounds read issue was addressed with improved input validation. CVE-2024-40806: Yisumi Kernel Available for: macOS Monterey Impact: A local attacker may be able to cause unexpected system shutdown Description: An out-of-bounds read was addressed with improved input validation. CVE-2024-40816: sqrtpwn Kernel Available for: macOS Monterey Impact: A local attacker may be able to cause unexpected system shutdown Description: A type confusion issue was addressed with improved memory handling. CVE-2024-40788: Minghao Lin and Jiaxun Zhu from Zhejiang University Keychain Access Available for: macOS Monterey Impact: An attacker may be able to cause unexpected app termination Description: A type confusion issue was addressed with improved checks. CVE-2024-40803: Patrick Wardle of DoubleYou & the Objective-See Foundation NetworkExtension Available for: macOS Monterey Impact: Private browsing may leak some browsing history Description: A privacy issue was addressed with improved private data redaction for log entries. CVE-2024-40796: Adam M. OpenSSH Available for: macOS Monterey Impact: A remote attacker may be able to cause arbitrary code execution Description: This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org. CVE-2024-6387 PackageKit Available for: macOS Monterey Impact: A local attacker may be able to elevate their privileges Description: The issue was addressed with improved checks. CVE-2024-40781: Mickey Jin (@patch1t) CVE-2024-40802: Mickey Jin (@patch1t) PackageKit Available for: macOS Monterey Impact: An app may be able to access user-sensitive data Description: The issue was addressed with improved checks. CVE-2024-40823: Zhongquan Li (@Guluisacat) from Dawn Security Lab of JingDong PackageKit Available for: macOS Monterey Impact: An app may be able to modify protected parts of the file system Description: A permissions issue was addressed with additional restrictions. CVE-2024-27882: Mickey Jin (@patch1t) CVE-2024-27883: Csaba Fitzl (@theevilbit) of Kandji and Mickey Jin (@patch1t) Restore Framework Available for: macOS Monterey Impact: An app may be able to modify protected parts of the file system Description: An input validation issue was addressed with improved input validation. CVE-2024-40800: Claudio Bozzato and Francesco Benvenuto of Cisco Talos RTKit Available for: macOS Monterey Impact: An attacker with arbitrary kernel read and write capability may be able to bypass kernel memory protections. Apple is aware of a report that this issue may have been exploited. Description: A memory corruption issue was addressed with improved validation. CVE-2024-23296 Safari Available for: macOS Monterey Impact: Visiting a website that frames malicious content may lead to UI spoofing Description: The issue was addressed with improved UI handling. CVE-2024-40817: Yadhu Krishna M and Narendra Bhati, Manager of Cyber Security At Suma Soft Pvt. Ltd, Pune (India) Scripting Bridge Available for: macOS Monterey Impact: An app may be able to access information about a user’s contacts Description: A privacy issue was addressed with improved private data redaction for log entries. CVE-2024-27881: Kirin (@Pwnrin) Security Available for: macOS Monterey Impact: Third party app extensions may not receive the correct sandbox restrictions Description: An access issue was addressed with additional sandbox restrictions. CVE-2024-40821: Joshua Jones Security Available for: macOS Monterey Impact: An app may be able to read Safari's browsing history Description: This issue was addressed with improved redaction of sensitive information. CVE-2024-40798: Adam M. Shortcuts Available for: macOS Monterey Impact: A shortcut may be able to use sensitive data with certain actions without prompting the user Description: A logic issue was addressed with improved checks. CVE-2024-40833: an anonymous researcher CVE-2024-40835: an anonymous researcher CVE-2024-40807: an anonymous researcher Shortcuts Available for: macOS Monterey Impact: A shortcut may be able to bypass sensitive Shortcuts app settings Description: This issue was addressed by adding an additional prompt for user consent. CVE-2024-40834: Marcio Almeida from Tanto Security Shortcuts Available for: macOS Monterey Impact: A shortcut may be able to bypass Internet permission requirements Description: This issue was addressed by adding an additional prompt for user consent. CVE-2024-40787: an anonymous researcher Shortcuts Available for: macOS Monterey Impact: An app may be able to access user-sensitive data Description: This issue was addressed by removing the vulnerable code. CVE-2024-40793: Kirin (@Pwnrin) Shortcuts Available for: macOS Monterey Impact: A shortcut may be able to bypass Internet permission requirements Description: A logic issue was addressed with improved checks. CVE-2024-40809: an anonymous researcher CVE-2024-40812: an anonymous researcher Time Zone Available for: macOS Monterey Impact: An attacker may be able to read information belonging to another user Description: A logic issue was addressed with improved state management. CVE-2024-23261: Matthew Loewen Additional recognition Image Capture We would like to acknowledge an anonymous researcher for their assistance. Shortcuts We would like to acknowledge an anonymous researcher for their assistance. macOS Monterey 12.7.6 may be obtained from the Mac App Store or Apple's Software Downloads web site: https://support.apple.com/downloads/ All information is also posted on the Apple Security Releases web site: https://support.apple.com/HT201222. This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEsz9altA7uTI+rE/qX+5d1TXaIvoFAmaoH80ACgkQX+5d1TXa IvpMDA//QAU09T36jR5fbTnjQO2DBw9NlBmUZGmCbdWayQPrdEkRTtvWDpNQaUwr 3Rpx22DV/XiVQm7K1fNoKQCUOti+pZQql6Crs5Ls8eGUlLPrZ2F3dVxcJjNR4KPD 8/HtDeZjooFXP2CaM3FPOW8xClyc8DmiTDDvJWQBDn5mtAjNcEBP1emA2Q9NsFvq Nz+t18QS4bSGTmYzOz3V8drq0V4bESYGep0bfBEyjnijme/lw/awPF864c+bYvvV I/ZIyiJmfeOpnbkZu6N97TCd81O+9Mkt3SGa0hdJITsazKOpLdvqQPm0jUdq/eTR pNz+0L4P3GPhLsUIjtpTkWugc2VWrTOvmsDlR/198wUKnoYkDtzfTwhHvkAXBZv1 M3S3rvCPfKlSxv+RZPt5srD1Uuc2GK6zAWSiAWQ6t7K6v/t/sDA8SSmmeDRxvZBf dI270i27VtH4R7+pjctKQyf4HE759CcInzRDKYo0qnX3KEKI0eC00pc1ELTBBCwu a0dAH1f9AtuPlDNHwjVsDyJdIDF1t9hYwh3Lvp80VIN73b0R4TrmiwECIfICtcj2 P01X6wq1nOKXHwsDAcnJiVxUvipeq3M6G040gzIVcQ/uriX67HgWJF47DeqL7UUd /yRtUEAj4Rx5UpIa1+Oc0vXi8hSdklxHPVRzbPx8o9xiztZqKsU= =426V -----END PGP SIGNATURE----- _______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: https://seclists.org/fulldisclosure/
Powered by blists - more mailing lists