lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-id: <D6BF72C2-5EB5-4B87-9DF4-49D02C51723D@lists.apple.com>
Date: Mon, 16 Sep 2024 18:09:25 -0700
From: Apple Product Security via Fulldisclosure <fulldisclosure@...lists.org>
To: security-announce@...ts.apple.com
Subject: [FD] APPLE-SA-09-16-2024-5 visionOS 2

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

APPLE-SA-09-16-2024-5 visionOS 2

visionOS 2 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/121249.

Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.

APFS
Available for: Apple Vision Pro
Impact: A malicious app with root privileges may be able to modify the
contents of system files
Description: The issue was addressed with improved checks.
CVE-2024-40825: Pedro Tôrres (@t0rr3sp3dr0)

Compression
Available for: Apple Vision Pro
Impact: Unpacking a maliciously crafted archive may allow an attacker to
write arbitrary files
Description: A race condition was addressed with improved locking.
CVE-2024-27876: Snoolie Keffaber (@0xilis)

Game Center
Available for: Apple Vision Pro
Impact: An app may be able to access user-sensitive data
Description: A file access issue was addressed with improved input
validation.
CVE-2024-40850: Denis Tokarev (@illusionofcha0s)

ImageIO
Available for: Apple Vision Pro
Impact: Processing a maliciously crafted file may lead to unexpected app
termination
Description: An out-of-bounds read issue was addressed with improved
input validation.
CVE-2024-27880: Junsung Lee

ImageIO
Available for: Apple Vision Pro
Impact: Processing an image may lead to a denial-of-service
Description: An out-of-bounds access issue was addressed with improved
bounds checking.
CVE-2024-44176: dw0r of ZeroPointer Lab working with Trend Micro Zero
Day Initiative and an anonymous researcher

IOSurfaceAccelerator
Available for: Apple Vision Pro
Impact: An app may be able to cause unexpected system termination
Description: The issue was addressed with improved memory handling.
CVE-2024-44169: Antonio Zekić

Kernel
Available for: Apple Vision Pro
Impact: Network traffic may leak outside a VPN tunnel
Description: A logic issue was addressed with improved checks.
CVE-2024-44165: Andrew Lytvynov

Kernel
Available for: Apple Vision Pro
Impact: An app may gain unauthorized access to Bluetooth
Description: This issue was addressed through improved state management.
CVE-2024-44191: Alexander Heinrich, SEEMOO, DistriNet, KU Leuven
(@vanhoefm), TU Darmstadt (@Sn0wfreeze) and Mathy Vanhoef

libxml2
Available for: Apple Vision Pro
Impact: Processing maliciously crafted web content may lead to an
unexpected process crash
Description: An integer overflow was addressed through improved input
validation.
CVE-2024-44198: OSS-Fuzz, Ned Williamson of Google Project Zero

mDNSResponder
Available for: Apple Vision Pro
Impact: An app may be able to cause a denial-of-service
Description: A logic error was addressed with improved error handling.
CVE-2024-44183: Olivier Levon

Model I/O
Available for: Apple Vision Pro
Impact: Processing a maliciously crafted image may lead to a denial-of-
service
Description: This is a vulnerability in open source code and Apple
Software is among the affected projects. The CVE-ID was assigned by a
third party. Learn more about the issue and CVE-ID at cve.org.
CVE-2023-5841

Notes
Available for: Apple Vision Pro
Impact: An app may be able to overwrite arbitrary files
Description: This issue was addressed by removing the vulnerable code.
CVE-2024-44167: ajajfxhj

Presence
Available for: Apple Vision Pro
Impact: An app may be able to read sensitive data from the GPU memory
Description: The issue was addressed with improved handling of caches.
CVE-2024-40790: Max Thomas

WebKit
Available for: Apple Vision Pro
Impact: Processing maliciously crafted web content may lead to universal
cross site scripting
Description: This issue was addressed through improved state management.
WebKit Bugzilla: 268724
CVE-2024-40857: Ron Masas

WebKit
Available for: Apple Vision Pro
Impact: A malicious website may exfiltrate data cross-origin
Description: A cross-origin issue existed with "iframe" elements. This
was addressed with improved tracking of security origins.
WebKit Bugzilla: 279452
CVE-2024-44187: Narendra Bhati, Manager of Cyber Security at Suma Soft
Pvt. Ltd, Pune (India)

Additional recognition

Kernel
We would like to acknowledge Braxton Anderson for their assistance.

Maps
We would like to acknowledge Kirin (@Pwnrin) for their assistance.

Passwords
We would like to acknowledge Richard Hyunho Im (@r1cheeta) for their
assistance.

TCC
We would like to acknowledge Vaibhav Prajapati for their assistance.

WebKit
We would like to acknowledge Avi Lumelsky, Uri Katz, (Oligo Security),
Johan Carlsson (joaxcar) for their assistance.


Instructions on how to update visionOS are available at
https://support.apple.com/HT214009 To check the software version
on your Apple Vision Pro, open the Settings app and choose General >
About.

All information is also posted on the Apple Security Releases
web site: https://support.apple.com/100100.

This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEsz9altA7uTI+rE/qX+5d1TXaIvoFAmboyKsACgkQX+5d1TXa
IvqFuxAAopj95HCodS5RObRJUENK6BWIMzT6ZZGjq3uSaglBxCsDWnnrPrhAwZAF
Xqe1eCauwXsl9lDJJ56dv0z2C84TZp5UP+nM+saBAZs9fzj037YSXXa8lriMBxMl
XNjF22l60+9s/5kwLZDackZI57et6mQbTEKrFf9ZzuaPpuMPuHgvPICEjDjUOhFN
noozxvy+D6jT8uTCLtAAk/4/B8sbOUJ5zRbyy1jmifLNtWgymxbSeoF5kHYedvdZ
r65m84Q0W6WuxfEa0syjrsPFbHaBKnhD0bPLYR/nd5d0DCv1e36nj4z4tTWkAMZz
jutBmHvawNAPJixppNOCME3p0agFxnBQBVsk5hPUEpKw7wlBmGjcK+tzfrNnivA7
kJrFOS3LAp9jtTY4E4JobrpYAvKOAwE2W1uby41iKjNcnNYiUmnUvCKwA/3EkB7W
atVnSHuZepKbB7RD9MNz+U/AASL9oGBocvvd/c2kln/RSnhAFGE+xxw+xgtqQzrs
VKlczIRaSB/Ryk8+uFHcLZ09SZziq8CX/nr1NZjI73IhwDD6x1YGUbUqV+mXsWTV
gwpqCyC9trJJ9Qxcz/pDBGRDCSNxG6x7iY4GTRVAjmmtDIPFxd1znjjVrF6bneV7
vKX/YadQpz7Pqem6I67GFQjQGDVOvlhJ0v35K8VCH0LlRWsl3CE=
=iu8f
-----END PGP SIGNATURE-----

_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: https://seclists.org/fulldisclosure/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ