| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-id: <BCAE9E88-A76D-45C9-9A3C-006698503605@lists.apple.com> Date: Mon, 12 May 2025 15:45:16 -0700 From: Apple Product Security via Fulldisclosure <fulldisclosure@...lists.org> To: security-announce@...ts.apple.com Subject: [FD] APPLE-SA-05-12-2025-7 tvOS 18.5 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-05-12-2025-7 tvOS 18.5 tvOS 18.5 addresses the following issues. Information about the security content is also available at https://support.apple.com/122720. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. AppleJPEG Available for: Apple TV HD and Apple TV 4K (all models) Impact: Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory Description: The issue was addressed with improved input sanitization. CVE-2025-31251: Hossein Lotfi (@hosselot) of Trend Micro Zero Day Initiative Core Bluetooth Available for: Apple TV HD and Apple TV 4K (all models) Impact: An app may be able to access sensitive user data Description: This issue was addressed through improved state management. CVE-2025-31212: Guilherme Rambo of Best Buddy Apps (rambo.codes) CoreAudio Available for: Apple TV HD and Apple TV 4K (all models) Impact: Parsing a file may lead to an unexpected app termination Description: The issue was addressed with improved checks. CVE-2025-31208: Hossein Lotfi (@hosselot) of Trend Micro Zero Day Initiative CoreGraphics Available for: Apple TV HD and Apple TV 4K (all models) Impact: Parsing a file may lead to disclosure of user information Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2025-31209: Hossein Lotfi (@hosselot) of Trend Micro Zero Day Initiative CoreMedia Available for: Apple TV HD and Apple TV 4K (all models) Impact: Parsing a file may lead to an unexpected app termination Description: A use-after-free issue was addressed with improved memory management. CVE-2025-31239: Hossein Lotfi (@hosselot) of Trend Micro Zero Day Initiative CoreMedia Available for: Apple TV HD and Apple TV 4K (all models) Impact: Processing a maliciously crafted video file may lead to unexpected app termination or corrupt process memory Description: The issue was addressed with improved input sanitization. CVE-2025-31233: Hossein Lotfi (@hosselot) of Trend Micro Zero Day Initiative ImageIO Available for: Apple TV HD and Apple TV 4K (all models) Impact: Processing a maliciously crafted image may lead to a denial-of- service Description: A logic issue was addressed with improved checks. CVE-2025-31226: Saagar Jha Kernel Available for: Apple TV HD and Apple TV 4K (all models) Impact: An attacker may be able to cause unexpected system termination or corrupt kernel memory Description: The issue was addressed with improved memory handling. CVE-2025-31219: Michael DePlante (@izobashi) and Lucas Leong (@_wmliang_) of Trend Micro Zero Day Initiative Kernel Available for: Apple TV HD and Apple TV 4K (all models) Impact: A remote attacker may cause an unexpected app termination Description: A double free issue was addressed with improved memory management. CVE-2025-31241: Christian Kohlschütter libexpat Available for: Apple TV HD and Apple TV 4K (all models) Impact: Multiple issues in libexpat, including unexpected app termination or arbitrary code execution Description: This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org. CVE-2024-8176 mDNSResponder Available for: Apple TV HD and Apple TV 4K (all models) Impact: A user may be able to elevate privileges Description: A correctness issue was addressed with improved checks. CVE-2025-31222: Paweł Płatek (Trail of Bits) Pro Res Available for: Apple TV HD and Apple TV 4K (all models) Impact: An app may be able to cause unexpected system termination Description: The issue was addressed with improved checks. CVE-2025-31245: wac Pro Res Available for: Apple TV HD and Apple TV 4K (all models) Impact: An attacker may be able to cause unexpected system termination or corrupt kernel memory Description: The issue was addressed with improved input sanitization. CVE-2025-31234: CertiK (@CertiK) Security Available for: Apple TV HD and Apple TV 4K (all models) Impact: A remote attacker may be able to leak memory Description: An integer overflow was addressed with improved input validation. CVE-2025-31221: Dave G. WebKit Available for: Apple TV HD and Apple TV 4K (all models) Impact: A type confusion issue could lead to memory corruption Description: This issue was addressed with improved handling of floats. WebKit Bugzilla: 286694 CVE-2025-24213: Google V8 Security Team WebKit Available for: Apple TV HD and Apple TV 4K (all models) Impact: Processing maliciously crafted web content may lead to memory corruption Description: The issue was addressed with improved checks. WebKit Bugzilla: 289387 CVE-2025-31223: Andreas Jaegersberger & Ro Achterberg of Nosebeard Labs WebKit Bugzilla: 289653 CVE-2025-31238: wac working with Trend Micro Zero Day Initiative WebKit Available for: Apple TV HD and Apple TV 4K (all models) Impact: Processing maliciously crafted web content may lead to memory corruption Description: The issue was addressed with improved memory handling. WebKit Bugzilla: 287577 CVE-2025-24223: rheza (@ginggilBesel) and an anonymous researcher WebKit Bugzilla: 291506 CVE-2025-31204: Nan Wang(@eternalsakura13) WebKit Available for: Apple TV HD and Apple TV 4K (all models) Impact: Processing maliciously crafted web content may lead to an unexpected Safari crash Description: The issue was addressed with improved input validation. WebKit Bugzilla: 289677 CVE-2025-31217: Ignacio Sanmillan (@ulexec) WebKit Available for: Apple TV HD and Apple TV 4K (all models) Impact: Processing maliciously crafted web content may lead to an unexpected process crash Description: The issue was addressed with improved checks. WebKit Bugzilla: 288814 CVE-2025-31215: Jiming Wang and Jikai Ren WebKit Available for: Apple TV HD and Apple TV 4K (all models) Impact: Processing maliciously crafted web content may lead to an unexpected Safari crash Description: A type confusion issue was addressed with improved state handling. WebKit Bugzilla: 290834 CVE-2025-31206: an anonymous researcher WebKit Available for: Apple TV HD and Apple TV 4K (all models) Impact: A malicious website may exfiltrate data cross-origin Description: The issue was addressed with improved checks. WebKit Bugzilla: 290992 CVE-2025-31205: Ivan Fratric of Google Project Zero WebKit Available for: Apple TV HD and Apple TV 4K (all models) Impact: Processing maliciously crafted web content may lead to an unexpected Safari crash Description: This issue was addressed with improved memory handling. WebKit Bugzilla: 290985 CVE-2025-31257: Juergen Schmied of Lynck GmbH Additional recognition AirDrop We would like to acknowledge Dalibor Milanovic for their assistance. Kernel We would like to acknowledge an anonymous researcher for their assistance. MobileGestalt We would like to acknowledge iisBuri for their assistance. NetworkExtension We would like to acknowledge Andrei-Alexandru Bleorțu for their assistance. WebKit We would like to acknowledge Mike Dougherty and Daniel White of Google Chrome and an anonymous researcher for their assistance. Apple TV will periodically check for software updates. Alternatively, you may manually check for software updates by selecting "Settings -> System -> Software Update -> Update Software." To check the current version of software, select "Settings -> General -> About.“ All information is also posted on the Apple Security Releases web site: https://support.apple.com/100100. This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEsz9altA7uTI+rE/qX+5d1TXaIvoFAmgicu4ACgkQX+5d1TXa Ivrjbg//SA6nmsq/8+4QheChoblWl3ux74Bz0IfjZ+Ns3JZ0cEOOA/nAhCPsrBfh AVMrivkTYhuVWCNz0buAKBJsLID/rqt3n/JTPGjt5AJPATtJR4zJzt0dJDo+4+qb niMAKJQfjTSZ8qa6yx1+IFwwEc/H9mwVBcN93LUMoQHs0QorAytCTsJ0Ee0xMX67 7DHKWhfHFWd30sinqF9t5VD4dln5pPcsBI9FyYyyL33KJlgoPsrFq/wx7Rk6xspy Z2rotL1AvNwp9m0rHgvk85lzFjuvvnR7kdqW2dxpitpQNvwSXw2v4TaCGMWfWUDj f7cghzY6bUK07tOLiDZ73Pqp0RVdIinn316R4CCUnGuAFss3VS7TsBeUnUrQXO/C CHHzEDW8aFJbjb+JjcLnMPULYwk/RHs2YE3uI0IPsxr+CH8HMpzKOi19jGxzplYK 26dpd4hRML49795LQjeQLMqzb541pImS/dGYa13t3lDxW31MLIh58eVOKcUPG00K LOn+nFAOKV8PU3Zy5b5LxPZkc5aK6/Monzvczx5wS9oXPdp+L7w1nQlIU8C3CcWF gurHUpKOXzZ2vk/cviYqGil+7wmXHF8EmPMZo+//tPr0dIwgIDGcvHiMFUhyyjNE K6Ybk9VT3cqr/pnJW0MS9y6A16/hEUmWvDI5h3znT3ez7F7Cb9c= =c6eo -----END PGP SIGNATURE----- _______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: https://seclists.org/fulldisclosure/
Powered by blists - more mailing lists