Headline
Apple Security Advisory 03-07-2024-5
Apple Security Advisory 03-07-2024-5 - watchOS 10.4 addresses buffer overflow, bypass, and code execution vulnerabilities.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
APPLE-SA-03-07-2024-5 watchOS 10.4
watchOS 10.4 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/kb/HT214088.
Apple maintains a Security Releases page at
https://support.apple.com/HT201222 which lists recent
software updates with security advisories.
Accessibility
Available for: Apple Watch Series 4 and later
Impact: A malicious app may be able to observe user data in log entries
related to accessibility notifications
Description: A privacy issue was addressed with improved private data
redaction for log entries.
CVE-2024-23291
AppleMobileFileIntegrity
Available for: Apple Watch Series 4 and later
Impact: An app may be able to elevate privileges
Description: This issue was addressed by removing the vulnerable code.
CVE-2024-23288: Wojciech Regula of SecuRing (wojciechregula.blog) and
Kirin (@Pwnrin)
CoreBluetooth - LE
Available for: Apple Watch Series 4 and later
Impact: An app may be able to access Bluetooth-connected microphones
without user permission
Description: An access issue was addressed with improved access
restrictions.
CVE-2024-23250: Guilherme Rambo of Best Buddy Apps (rambo.codes)
file
Available for: Apple Watch Series 4 and later
Impact: Processing a file may lead to a denial-of-service or potentially
disclose memory contents
Description: This issue was addressed with improved checks.
CVE-2022-48554
ImageIO
Available for: Apple Watch Series 4 and later
Impact: Processing an image may lead to arbitrary code execution
Description: A buffer overflow issue was addressed with improved memory
handling.
CVE-2024-23286: Dohyun Lee (@l33d0hyun)
Kernel
Available for: Apple Watch Series 4 and later
Impact: An app may be able to access user-sensitive data
Description: A race condition was addressed with additional validation.
CVE-2024-23235
Kernel
Available for: Apple Watch Series 4 and later
Impact: An app may be able to cause unexpected system termination or
write kernel memory
Description: A memory corruption vulnerability was addressed with
improved locking.
CVE-2024-23265: Xinru Chi of Pangu Lab
Kernel
Available for: Apple Watch Series 4 and later
Impact: An attacker with arbitrary kernel read and write capability may
be able to bypass kernel memory protections. Apple is aware of a report
that this issue may have been exploited.
Description: A memory corruption issue was addressed with improved
validation.
CVE-2024-23225
libxpc
Available for: Apple Watch Series 4 and later
Impact: An app may be able to break out of its sandbox
Description: The issue was addressed with improved checks.
CVE-2024-23278: an anonymous researcher
libxpc
Available for: Apple Watch Series 4 and later
Impact: An app may be able to execute arbitrary code out of its sandbox
or with certain elevated privileges
Description: The issue was addressed with improved memory handling.
CVE-2024-0258: ali yabuz
MediaRemote
Available for: Apple Watch Series 4 and later
Impact: A malicious application may be able to access private
information
Description: The issue was addressed with improved checks.
CVE-2024-23297: scj643
Messages
Available for: Apple Watch Series 4 and later
Impact: An app may be able to access user-sensitive data
Description: A privacy issue was addressed with improved handling of
temporary files.
CVE-2024-23287: Kirin (@Pwnrin)
RTKit
Available for: Apple Watch Series 4 and later
Impact: An attacker with arbitrary kernel read and write capability may
be able to bypass kernel memory protections. Apple is aware of a report
that this issue may have been exploited.
Description: A memory corruption issue was addressed with improved
validation.
CVE-2024-23296
Sandbox
Available for: Apple Watch Series 4 and later
Impact: An app may be able to leak sensitive user information
Description: A race condition was addressed with improved state
handling.
CVE-2024-23239: Mickey Jin (@patch1t)
Sandbox
Available for: Apple Watch Series 4 and later
Impact: An app may be able to access user-sensitive data
Description: A logic issue was addressed with improved restrictions.
CVE-2024-23290: Wojciech Regula of SecuRing (wojciechregula.blog)
Share Sheet
Available for: Apple Watch Series 4 and later
Impact: An app may be able to access user-sensitive data
Description: A privacy issue was addressed with improved private data
redaction for log entries.
CVE-2024-23231: Kirin (@Pwnrin) and luckyu (@uuulucky)
Siri
Available for: Apple Watch Series 4 and later
Impact: A person with physical access to a device may be able to use
Siri to access private calendar information
Description: A lock screen issue was addressed with improved state
management.
CVE-2024-23289: Lewis Hardy
Siri
Available for: Apple Watch Series 4 and later
Impact: An attacker with physical access may be able to use Siri to
access sensitive user data
Description: This issue was addressed through improved state management.
CVE-2024-23293: Bistrit Dahal
UIKit
Available for: Apple Watch Series 4 and later
Impact: An app may be able to break out of its sandbox
Description: This issue was addressed by removing the vulnerable code.
CVE-2024-23246: Deutsche Telekom Security GmbH sponsored by Bundesamt
für Sicherheit in der Informationstechnik
WebKit
Available for: Apple Watch Series 4 and later
Impact: Processing web content may lead to arbitrary code execution
Description: The issue was addressed with improved memory handling.
WebKit Bugzilla: 259694
CVE-2024-23226: Pwn2car
WebKit
Available for: Apple Watch Series 4 and later
Impact: A malicious website may exfiltrate audio data cross-origin
Description: The issue was addressed with improved UI handling.
WebKit Bugzilla: 263795
CVE-2024-23254: James Lee (@Windowsrcer)
WebKit
Available for: Apple Watch Series 4 and later
Impact: Processing maliciously crafted web content may prevent Content
Security Policy from being enforced
Description: A logic issue was addressed with improved validation.
WebKit Bugzilla: 264811
CVE-2024-23263: Johan Carlsson (joaxcar)
WebKit
Available for: Apple Watch Series 4 and later
Impact: A maliciously crafted webpage may be able to fingerprint the
user
Description: An injection issue was addressed with improved validation.
WebKit Bugzilla: 266703
CVE-2024-23280: an anonymous researcher
WebKit
Available for: Apple Watch Series 4 and later
Impact: Processing maliciously crafted web content may prevent Content
Security Policy from being enforced
Description: A logic issue was addressed with improved state management.
WebKit Bugzilla: 267241
CVE-2024-23284: Georg Felber and Marco Squarcina
Additional recognition
CoreAnimation
We would like to acknowledge Junsung Lee for their assistance.
CoreMotion
We would like to acknowledge Eric Dorphy of Twin Cities App Dev LLC for
their assistance.
Find My
We would like to acknowledge Meng Zhang (鲸落) of NorthSea for their
assistance.
Kernel
We would like to acknowledge Tarek Joumaa (@tjkr0wn) for their
assistance.
libxml2
We would like to acknowledge OSS-Fuzz, and Ned Williamson of Google
Project Zero for their assistance.
libxpc
We would like to acknowledge Rasmus Sten, F-Secure (Mastodon:
@[email protected]), and an anonymous researcher for their assistance.
Power Management
We would like to acknowledge Pan ZhenPeng (@Peterpan0927) of STAR Labs
SG Pte. Ltd. for their assistance.
Sandbox
We would like to acknowledge Zhongquan Li (@Guluisacat) for their
assistance.
Siri
We would like to acknowledge Bistrit Dahal for their assistance.
Software Update
We would like to acknowledge Bin Zhang of Dublin City University for
their assistance.
WebKit
We would like to acknowledge Nan Wang (@eternalsakura13) of 360
Vulnerability Research Institute, Valentino Dalla Valle, Pedro Bernardo,
Marco Squarcina, and Lorenzo Veronese of TU Wien for their assistance.
Instructions on how to update your Apple Watch software are available
at https://support.apple.com/kb/HT204641 To check the version on
your Apple Watch, open the Apple Watch app on your iPhone and select
"My Watch > General > About". Alternatively, on your watch, select
"My Watch > General > About".
All information is also posted on the Apple Security Releases
web site: https://support.apple.com/en-us/HT201222.
This message is signed with Apple’s Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEsz9altA7uTI+rE/qX+5d1TXaIvoFAmXqceUACgkQX+5d1TXa
IvonOhAAwwl6+Y0b68Rv2candfehqbFS9AF1RoPqGJyBZ+BcPszyPktyhxfBV7jQ
HRiR/GCFn+m8wFtARsEQ7dqe2me/qW7Gmq7jre5A4oasMNJzSWJ/5y1hcKkbnT2A
tWYzbqtDTmxwcPgOPEZxmOZr85TRcWcyHqOMFFKXM5iwq6bChItd0q4YqpDKIJqJ
VvrmxWZ8xEhAqxuWUMDomGEldQB+omlZDdE+Vy6cr+vJRUt9J06GQghZG5lVTQI3
Bv0wuNhmm0cw9rKOhUeqCwWjjzKqUodz70RgK3ihvlq3348BTNaKVL7rj/Xjla32
Ov5VUqgPl7TZ+cndITT2XTLD7PV5Jcb5emyQiMlVmUS+gLs0EDcwdelycsZ9BWIy
lMIqapJojAtaUiMSxgjYiILpNvBpgtgwh7kVNzPh5B740H5GuEF5WTtSDWupJ+/R
voTF1VIBeG/Q3W63Sg39D909Gw+xoiqtw+EF4E44xrzAnNb6mefbUpNKu9533WcD
wpJzg0lj0cTHwEvOHMqARVoFGNf8a8awPHzwugiZVuigW7eKjm+iXkhKJRxovi5r
A2UlktISxWrcJ4jD3BS/MLOtD62IKIH4yWr7TR9Lku3JE7X4TZHzqzcOzPaTTCl7
NGW88NsCC7F1k2kJltcEXBP4WhkMJNcZzBjJRoahScWUOxNd0FE=
=6g/T
-----END PGP SIGNATURE-----
Related news
Gentoo Linux Security Advisory 202407-13 - Multiple vulnerabilities have been discovered in WebKitGTK+, the worst of which could lead to arbitrary code execution Versions greater than or equal to 2.44.0:4 are affected.
Apple Security Advisory 05-13-2024-5 - macOS Ventura 13.6.7 addresses bypass vulnerabilities.
Apple Security Advisory 05-13-2024-3 - iOS 16.7.8 and iPadOS 16.7.8 addresses bypass vulnerabilities.
Debian Linux Security Advisory 5684-1 - The following vulnerabilities have been discovered in the WebKitGTK web engine. Kacper Kwapisz discovered that visiting a malicious website may lead to address bar spoofing. Nan Wang and Rushikesh Nandedkar discovered that processing maliciously crafted web content may lead to arbitrary code execution. SungKwon Lee discovered that processing web content may lead to a denial-of-service. Various other issues were also addressed.
Red Hat Security Advisory 2024-2512-03 - An update for file is now available for Red Hat Enterprise Linux 9. Issues addressed include a buffer over-read vulnerability.
Ubuntu Security Notice 6732-1 - Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.
Plus: Microsoft patches over 60 vulnerabilities, Mozilla fixes two Firefox zero-day bugs, Google patches 40 issues in Android, and more.
Apple Security Advisory 03-07-2024-7 - visionOS 1.1 addresses buffer overflow, bypass, code execution, and out of bounds read vulnerabilities.
Apple Security Advisory 03-07-2024-7 - visionOS 1.1 addresses buffer overflow, bypass, code execution, and out of bounds read vulnerabilities.
Apple Security Advisory 03-07-2024-7 - visionOS 1.1 addresses buffer overflow, bypass, code execution, and out of bounds read vulnerabilities.
Apple Security Advisory 03-07-2024-7 - visionOS 1.1 addresses buffer overflow, bypass, code execution, and out of bounds read vulnerabilities.
Apple Security Advisory 03-07-2024-7 - visionOS 1.1 addresses buffer overflow, bypass, code execution, and out of bounds read vulnerabilities.
Apple Security Advisory 03-07-2024-7 - visionOS 1.1 addresses buffer overflow, bypass, code execution, and out of bounds read vulnerabilities.
Apple Security Advisory 03-07-2024-7 - visionOS 1.1 addresses buffer overflow, bypass, code execution, and out of bounds read vulnerabilities.
Apple Security Advisory 03-07-2024-7 - visionOS 1.1 addresses buffer overflow, bypass, code execution, and out of bounds read vulnerabilities.
Apple Security Advisory 03-07-2024-7 - visionOS 1.1 addresses buffer overflow, bypass, code execution, and out of bounds read vulnerabilities.
Apple Security Advisory 03-07-2024-7 - visionOS 1.1 addresses buffer overflow, bypass, code execution, and out of bounds read vulnerabilities.
Apple Security Advisory 03-07-2024-6 - tvOS 17.4 addresses buffer overflow, bypass, and code execution vulnerabilities.
Apple Security Advisory 03-07-2024-6 - tvOS 17.4 addresses buffer overflow, bypass, and code execution vulnerabilities.
Apple Security Advisory 03-07-2024-6 - tvOS 17.4 addresses buffer overflow, bypass, and code execution vulnerabilities.
Apple Security Advisory 03-07-2024-6 - tvOS 17.4 addresses buffer overflow, bypass, and code execution vulnerabilities.
Apple Security Advisory 03-07-2024-6 - tvOS 17.4 addresses buffer overflow, bypass, and code execution vulnerabilities.
Apple Security Advisory 03-07-2024-6 - tvOS 17.4 addresses buffer overflow, bypass, and code execution vulnerabilities.
Apple Security Advisory 03-07-2024-6 - tvOS 17.4 addresses buffer overflow, bypass, and code execution vulnerabilities.
Apple Security Advisory 03-07-2024-6 - tvOS 17.4 addresses buffer overflow, bypass, and code execution vulnerabilities.
Apple Security Advisory 03-07-2024-6 - tvOS 17.4 addresses buffer overflow, bypass, and code execution vulnerabilities.
Apple Security Advisory 03-07-2024-6 - tvOS 17.4 addresses buffer overflow, bypass, and code execution vulnerabilities.
Apple Security Advisory 03-07-2024-6 - tvOS 17.4 addresses buffer overflow, bypass, and code execution vulnerabilities.
Apple Security Advisory 03-07-2024-6 - tvOS 17.4 addresses buffer overflow, bypass, and code execution vulnerabilities.
Apple Security Advisory 03-07-2024-6 - tvOS 17.4 addresses buffer overflow, bypass, and code execution vulnerabilities.
Apple Security Advisory 03-07-2024-6 - tvOS 17.4 addresses buffer overflow, bypass, and code execution vulnerabilities.
Apple Security Advisory 03-07-2024-6 - tvOS 17.4 addresses buffer overflow, bypass, and code execution vulnerabilities.
Apple Security Advisory 03-07-2024-6 - tvOS 17.4 addresses buffer overflow, bypass, and code execution vulnerabilities.
Apple Security Advisory 03-07-2024-6 - tvOS 17.4 addresses buffer overflow, bypass, and code execution vulnerabilities.
Apple Security Advisory 03-07-2024-6 - tvOS 17.4 addresses buffer overflow, bypass, and code execution vulnerabilities.
Apple Security Advisory 03-07-2024-6 - tvOS 17.4 addresses buffer overflow, bypass, and code execution vulnerabilities.
Apple Security Advisory 03-07-2024-6 - tvOS 17.4 addresses buffer overflow, bypass, and code execution vulnerabilities.
Apple Security Advisory 03-07-2024-6 - tvOS 17.4 addresses buffer overflow, bypass, and code execution vulnerabilities.
Apple Security Advisory 03-07-2024-4 - macOS Monterey 12.7.4 addresses buffer overflow, bypass, code execution, and out of bounds write vulnerabilities.
Apple and Microsoft recently released software updates to fix dozens of security holes in their operating systems. Microsoft today patched at least 60 vulnerabilities in its Windows OS. Meanwhile, Apple's new macOS Sonoma addresses at least 68 security weaknesses, and its latest updates for iOS fixes two zero-day flaws.
Apple has released a security update for iOS and iPadOS to patch two zero-day vulnerabilities which are reported to already have been exploited.
Apple has released a security update for iOS and iPadOS to patch two zero-day vulnerabilities which are reported to already have been exploited.
An issue exists in SoftIron HyperCloud where compute nodes may come online immediately without following the correct initialization process. In this instance, workloads may be scheduled on these nodes and deploy to a failed or erroneous state, which impacts the availability of these workloads that may be deployed during this time window. This issue impacts HyperCloud versions from 2.0.0 to before 2.0.3.
Ubuntu Security Notice 6359-1 - It was discovered that file incorrectly handled certain malformed files. An attacker could use this issue to cause a denial of service, or possibly execute arbitrary code.
Debian Linux Security Advisory 5489-1 - A buffer overflow was found in file, a file type classification tool, which may result in denial of service if a specially crafted file is processed.
File before 5.43 has an stack-based buffer over-read in file_copystr in funcs.c. NOTE: "File" is the name of an Open Source project.