Apple Security Advisory 05-13-2024-2

-----BEGIN PGP SIGNED MESSAGE-----Hash: SHA256APPLE-SA-05-13-2024-2 iOS 17.5 and iPadOS 17.5iOS 17.5 and iPadOS 17.5 addresses the following issues.Information about the security content is also available athttps://support.apple.com/HT214101.Apple maintains a Security Releases page athttps://support.apple.com/HT201222 which lists recentsoftware updates with security advisories.AppleAVDAvailable for: iPhone XS and later, iPad Pro 12.9-inch 2nd generationand later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation andlater, iPad Air 3rd generation and later, iPad 6th generation and later,and iPad mini 5th generation and laterImpact: An app may be able to execute arbitrary code with kernelprivilegesDescription: The issue was addressed with improved memory handling.CVE-2024-27804: Meysam Firouzi (@R00tkitSMM)AppleMobileFileIntegrityAvailable for: iPhone XS and later, iPad Pro 12.9-inch 2nd generationand later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation andlater, iPad Air 3rd generation and later, iPad 6th generation and later,and iPad mini 5th generation and laterImpact: An attacker may be able to access user dataDescription: A logic issue was addressed with improved checks.CVE-2024-27816: Mickey Jin (@patch1t)AVEVideoEncoderAvailable for: iPhone XS and later, iPad Pro 12.9-inch 2nd generationand later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation andlater, iPad Air 3rd generation and later, iPad 6th generation and later,and iPad mini 5th generation and laterImpact: An app may be able to disclose kernel memoryDescription: The issue was addressed with improved memory handling.CVE-2024-27841: an anonymous researcherFind MyAvailable for: iPhone XS and later, iPad Pro 12.9-inch 2nd generationand later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation andlater, iPad Air 3rd generation and later, iPad 6th generation and later,and iPad mini 5th generation and laterImpact: A malicious application may be able to determine a user'scurrent locationDescription: A privacy issue was addressed by moving sensitive data to amore secure location.CVE-2024-27839: Alexander Heinrich, SEEMOO, TU Darmstadt (@Sn0wfreeze),and Shai Mishali (@freak4pc)KernelAvailable for: iPhone XS and later, iPad Pro 12.9-inch 2nd generationand later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation andlater, iPad Air 3rd generation and later, iPad 6th generation and later,and iPad mini 5th generation and laterImpact: An attacker may be able to cause unexpected app termination orarbitrary code executionDescription: The issue was addressed with improved memory handling.CVE-2024-27818: pattern-f (@pattern_F_) of Ant Security Light-Year LabLibsystemAvailable for: iPhone XS and later, iPad Pro 12.9-inch 2nd generationand later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation andlater, iPad Air 3rd generation and later, iPad 6th generation and later,and iPad mini 5th generation and laterImpact: An app may be able to access protected user dataDescription: A permissions issue was addressed by removing vulnerablecode and adding additional checks.CVE-2023-42893: an anonymous researcherMapsAvailable for: iPhone XS and later, iPad Pro 12.9-inch 2nd generationand later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation andlater, iPad Air 3rd generation and later, iPad 6th generation and later,and iPad mini 5th generation and laterImpact: An app may be able to read sensitive location informationDescription: A path handling issue was addressed with improvedvalidation.CVE-2024-27810: LFY@secsys of Fudan UniversityMarketplaceKitAvailable for: iPhone XS and laterImpact: A maliciously crafted webpage may be able to distribute a scriptthat tracks users on other webpagesDescription: A privacy issue was addressed with improved client IDhandling for alternative app marketplaces.CVE-2024-27852: Talal Haj Bakry and Tommy Mysk of Mysk Inc. (@mysk_co)NotesAvailable for: iPhone XS and later, iPad Pro 12.9-inch 2nd generationand later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation andlater, iPad Air 3rd generation and later, iPad 6th generation and later,and iPad mini 5th generation and laterImpact: An attacker with physical access to an iOS device may be able toaccess notes from the lock screenDescription: This issue was addressed through improved state management.CVE-2024-27835: Andr.EssRemoteViewServicesAvailable for: iPhone XS and later, iPad Pro 12.9-inch 2nd generationand later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation andlater, iPad Air 3rd generation and later, iPad 6th generation and later,and iPad mini 5th generation and laterImpact: An attacker may be able to access user dataDescription: A logic issue was addressed with improved checks.CVE-2024-27816: Mickey Jin (@patch1t)ScreenshotsAvailable for: iPhone XS and later, iPad Pro 12.9-inch 2nd generationand later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation andlater, iPad Air 3rd generation and later, iPad 6th generation and later,and iPad mini 5th generation and laterImpact: An attacker with physical access may be able to share items fromthe lock screenDescription: A permissions issue was addressed with improved validation.CVE-2024-27803: an anonymous researcherShortcutsAvailable for: iPhone XS and later, iPad Pro 12.9-inch 2nd generationand later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation andlater, iPad Air 3rd generation and later, iPad 6th generation and later,and iPad mini 5th generation and laterImpact: A shortcut may output sensitive user data without consentDescription: A path handling issue was addressed with improvedvalidation.CVE-2024-27821: Kirin (@Pwnrin), zbleet, and Csaba Fitzl (@theevilbit)of KandjiSync ServicesAvailable for: iPhone XS and later, iPad Pro 12.9-inch 2nd generationand later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation andlater, iPad Air 3rd generation and later, iPad 6th generation and later,and iPad mini 5th generation and laterImpact: An app may be able to bypass Privacy preferencesDescription: This issue was addressed with improved checksCVE-2024-27847: Mickey Jin (@patch1t)Voice ControlAvailable for: iPhone XS and later, iPad Pro 12.9-inch 2nd generationand later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation andlater, iPad Air 3rd generation and later, iPad 6th generation and later,and iPad mini 5th generation and laterImpact: An attacker may be able to elevate privilegesDescription: The issue was addressed with improved checks.CVE-2024-27796: ajajfxhjWebKitAvailable for: iPhone XS and later, iPad Pro 12.9-inch 2nd generationand later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation andlater, iPad Air 3rd generation and later, iPad 6th generation and later,and iPad mini 5th generation and laterImpact: An attacker with arbitrary read and write capability may be ableto bypass Pointer AuthenticationDescription: The issue was addressed with improved checks.WebKit Bugzilla: 272750CVE-2024-27834: Manfred Paul (@_manfp) working with Trend Micro's ZeroDay InitiativeAdditional recognitionApp StoreWe would like to acknowledge an anonymous researcher for theirassistance.CoreHAPWe would like to acknowledge Adrian Cable for their assistance.Face IDWe would like to acknowledge Lucas Monteiro, Daniel Monteiro, and FelipeMonteiro for their assistance.HearingCoreWe would like to acknowledge an anonymous researcher for theirassistance.Managed ConfigurationWe would like to acknowledge 遥遥领先 (@晴天组织) for their assistance.Safari DownloadsWe would like to acknowledge Arsenii Kostromin (0x3c3e) for theirassistance.Status BarWe would like to acknowledge Abhay Kailasia (@abhay_kailasia) of LakshmiNarain College of Technology Bhopal for their assistance.This update is available through iTunes and Software Update on youriOS device, and will not appear in your computer's Software Updateapplication, or in the Apple Downloads site. Make sure you have anInternet connection and have installed the latest version of iTunesfrom https://www.apple.com/itunes/  iTunes and Software Update on thedevice will automatically check Apple's update server on its weeklyschedule. When an update is detected, it is downloaded and the optionto be installed is presented to the user when the iOS device isdocked. We recommend applying the update immediately if possible.Selecting Don't Install will present the option the next time youconnect your iOS device.  The automatic update process may take up toa week depending on the day that iTunes or the device checks forupdates. You may manually obtain the update via the Check for Updatesbutton within iTunes, or the Software Update on your device.  Tocheck that the iPhone, iPod touch, or iPad has been updated:  *Navigate to Settings * Select General * Select About. The versionafter applying this update will be "iOS 17.5 and iPadOS 17.5".All information is also posted on the Apple Security Releasesweb site: https://support.apple.com/HT201222.This message is signed with Apple's Product Security PGP key,and details are available at:https://www.apple.com/support/security/pgp/-----BEGIN PGP SIGNATURE-----iQIzBAEBCAAdFiEEsz9altA7uTI+rE/qX+5d1TXaIvoFAmZCru4ACgkQX+5d1TXaIvrSLxAAnqj3N4PyUOrHm+zOFx2kEM5qVOwxJVlqbH9Q6DMG2L54N2iTmyR4X0W85uOA9hmHW9TdR+OT85zMXSXdNWn16BMzUtYQjXTk4pU4dEpcD/V5Vjs8dq+LX6YH1Y9/M8K/wh7oAmPfnRQbCitEvwMRpXglHQbfeydUKhri67LeNRYKpYu7KRZrFP+XSfFfqJOI4a1FM/xDgFALCsDVws/qdk1K9o0NoxEjKcwvTplCoNtHajjW1l3QT4nMxgcueMqfJL99nbCzisEmwovbhD17UQDA4zrxrRejCjY233g7uDB6vIkQDCUzSqo82lb+HO0uCMG3rkMQs1jt6iCNYpop4n+tvpLz9DLB+H5PqXXZYQe9dHsEgnuhsMCRlpJ7MGgAxEaIs/bZQLVJKa3UEZXbd4s5OUz3kE8tRx5faFj4zIj+8++W+2vI8q8qZNm2hA/APket6twiTDOxjO4uFdo/TGQUtVI+RSAToKAA3k31wNhKXUTTssUb8at9Sto+BA3p/fJ0fZhGWunJ3kABacSuZcp9lQsCB2mIs6f1fBidCCZD+257uaQfNe9bhPaiRJj8JIkbNII07U7Yat+86RVNqZemascU5zZJxsV2vLsOTreptkJ4Wot8ghnhrozRvGjqYPgmsXV350+6tL651rbbQAJbf8APIohEjUIXFQkg6DI==3eb1-----END PGP SIGNATURE-----