Security
Headlines
HeadlinesLatestCVEs

Headline

Apple Security Advisory 2023-03-27-6

Apple Security Advisory 2023-03-27-6 - tvOS 16.4 addresses bypass, code execution, integer overflow, out of bounds read, and use-after-free vulnerabilities.

Packet Storm
#vulnerability#web#apple#zero_day#webkit

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

APPLE-SA-2023-03-27-6 tvOS 16.4

tvOS 16.4 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT213674.

AppleMobileFileIntegrity
Available for: Apple TV 4K (all models) and Apple TV HD
Impact: A user may gain access to protected parts of the file system
Description: The issue was addressed with improved checks.
CVE-2023-23527: Mickey Jin (@patch1t)

Core Bluetooth
Available for: Apple TV 4K (all models) and Apple TV HD
Impact: Processing a maliciously crafted Bluetooth packet may result
in disclosure of process memory
Description: An out-of-bounds read was addressed with improved bounds
checking.
CVE-2023-23528: Jianjun Dai and Guang Gong of 360 Vulnerability
Research Institute

CoreCapture
Available for: Apple TV 4K (all models) and Apple TV HD
Impact: An app may be able to execute arbitrary code with kernel
privileges
Description: The issue was addressed with improved memory handling.
CVE-2023-28181: Tingting Yin of Tsinghua University

FontParser
Available for: Apple TV 4K (all models) and Apple TV HD
Impact: Processing a maliciously crafted image may result in
disclosure of process memory
Description: The issue was addressed with improved memory handling.
CVE-2023-27956: Ye Zhang of Baidu Security

Foundation
Available for: Apple TV 4K (all models) and Apple TV HD
Impact: Parsing a maliciously crafted plist may lead to an unexpected
app termination or arbitrary code execution
Description: An integer overflow was addressed with improved input
validation.
CVE-2023-27937: an anonymous researcher

Identity Services
Available for: Apple TV 4K (all models) and Apple TV HD
Impact: An app may be able to access information about a user’s
contacts
Description: A privacy issue was addressed with improved private data
redaction for log entries.
CVE-2023-27928: Csaba Fitzl (@theevilbit) of Offensive Security

ImageIO
Available for: Apple TV 4K (all models) and Apple TV HD
Impact: Processing a maliciously crafted image may result in
disclosure of process memory
Description: The issue was addressed with improved memory handling.
CVE-2023-23535: ryuzaki

ImageIO
Available for: Apple TV 4K (all models) and Apple TV HD
Impact: Processing a maliciously crafted image may result in
disclosure of process memory
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2023-27929: Meysam Firouzi (@R00tkitSMM) of Mbition Mercedes-Benz
Innovation Lab and jzhu working with Trend Micro Zero Day Initiative

Kernel
Available for: Apple TV 4K (all models) and Apple TV HD
Impact: An app may be able to execute arbitrary code with kernel
privileges
Description: A use after free issue was addressed with improved
memory management.
CVE-2023-27969: Adam Doupé of ASU SEFCOM

Kernel
Available for: Apple TV 4K (all models) and Apple TV HD
Impact: An app with root privileges may be able to execute arbitrary
code with kernel privileges
Description: The issue was addressed with improved memory handling.
CVE-2023-27933: sqrtpwn

Podcasts
Available for: Apple TV 4K (all models) and Apple TV HD
Impact: An app may be able to access user-sensitive data
Description: The issue was addressed with improved checks.
CVE-2023-27942: Mickey Jin (@patch1t)

TCC
Available for: Apple TV 4K (all models) and Apple TV HD
Impact: An app may be able to access user-sensitive data
Description: This issue was addressed by removing the vulnerable
code.
CVE-2023-27931: Mickey Jin (@patch1t)

WebKit
Available for: Apple TV 4K (all models) and Apple TV HD
Impact: Processing maliciously crafted web content may bypass Same
Origin Policy
Description: This issue was addressed with improved state management.
WebKit Bugzilla: 248615
CVE-2023-27932: an anonymous researcher

WebKit
Available for: Apple TV 4K (all models) and Apple TV HD
Impact: A website may be able to track sensitive user information
Description: The issue was addressed by removing origin information.
WebKit Bugzilla: 250837
CVE-2023-27954: an anonymous researcher

Additional recognition

CFNetwork
We would like to acknowledge an anonymous researcher for their
assistance.

CoreServices
We would like to acknowledge Mickey Jin (@patch1t) for their
assistance.

ImageIO
We would like to acknowledge Meysam Firouzi @R00tkitSMM for their
assistance.

WebKit
We would like to acknowledge an anonymous researcher for their
assistance.

Apple TV will periodically check for software updates. Alternatively,
you may manually check for software updates by selecting “Settings ->
System -> Software Update -> Update Software.” To check the current
version of software, select “Settings -> General -> About.”
All information is also posted on the Apple Security Updates
web site: https://support.apple.com/en-us/HT201222.

This message is signed with Apple’s Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEBP+4DupqR5Sgt1DB4RjMIDkeNxkFAmQiHn0ACgkQ4RjMIDke
Nxlyyg//ePQb9FK6kVxRCnemA/ohDVERRj4NgAV7wlwaD5S/JiB2J1udvO6PJtMK
WR70cDcxOyEWwS45ejP/QhkzpEMRQr0Xhgr9E/BRFm8cltHmPbrVLqBXkIYYDYOT
GfLTgzEPHkHnByJySHr8DfNHxDib7oABRaNWHN5Jlr9c7+acpZokOPk7EXcnwojd
yZjxkbiSkOmfizS+hIQvrSXQl+squ1Lva8v4KyygWqnCqbnq+9SVKVAFchWTnXqD
LvODlXEb5a8TwCapcWLQKtrn3oK84tzI9iIDVrY0qhg5Y3Igu0ZrKF6pIcAk2jiA
MFS6rrgRzOk3nEGCYAIhVY8pt989oE5euC9OK/pT1gOUBzXPAiN3/MmvRqRNkNmJ
waNaVw/ITLVWbAN7HlwOZCft1qv+jCdtI7w5U/GwTXWR/ZcFeTFq93RNRw3pbhqZ
dXhJAEbqAxFIgkobmAX7jTnXThs8WJUPIhs3aPFLRrpmVpR+s3XanvGxyXK4gj6/
9ziqm2HQCCYxz654R65Dh97bRhZRD5vtf9ygtuAbQwQnP61df4MDN3hsQAUyhriT
vu0TYdd7yg1oG3mqJxybx9eMQOLB8PBGAR3/pXcD+gLiLATRyH6i4QP43uoQCExE
1hCVqZBIMG/vq8M0XEKT+85/RdaLBdlDKES3N4QLq4UztsWT4bY=
=P2oh
-----END PGP SIGNATURE-----

Related news

CVE-2023-27940: About the security content of macOS Monterey 12.6.6

The issue was addressed with additional permissions checks. This issue is fixed in macOS Ventura 13.4, iOS 15.7.6 and iPadOS 15.7.6, macOS Monterey 12.6.6. A sandboxed app may be able to observe system-wide network connections

CVE-2023-32369: About the security content of macOS Big Sur 11.7.7

A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.4, macOS Big Sur 11.7.7, macOS Monterey 12.6.6. An app may be able to modify protected parts of the file system

Gentoo Linux Security Advisory 202305-32

Gentoo Linux Security Advisory 202305-32 - Multiple vulnerabilities have been found in WebkitGTK+, the worst of which could result in arbitrary code execution. Versions greater than or equal to 2.40.1 are affected.

CVE-2023-28181: About the security content of tvOS 16.4

The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3, tvOS 16.4, watchOS 9.4, iOS 16.4 and iPadOS 16.4. An app may be able to execute arbitrary code with kernel privileges

CVE-2023-28190: About the security content of macOS Ventura 13.3

A privacy issue was addressed by moving sensitive data to a more secure location. This issue is fixed in macOS Ventura 13.3. An app may be able to access user-sensitive data

CVE-2023-28194: About the security content of iOS 16.4 and iPadOS 16.4

The issue was addressed with improved checks. This issue is fixed in iOS 16.4 and iPadOS 16.4. An app may be able to unexpectedly create a bookmark on the Home Screen

CVE-2023-28200: About the security content of macOS Big Sur 11.7.5

A validation issue was addressed with improved input sanitization. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4, iOS 15.7.4 and iPadOS 15.7.4, macOS Big Sur 11.7.5. An app may be able to disclose kernel memory

CVE-2023-28201: About the security content of iOS 15.7.4 and iPadOS 15.7.4

This issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3, iOS 15.7.4 and iPadOS 15.7.4, Safari 16.4, iOS 16.4 and iPadOS 16.4. A remote user may be able to cause unexpected app termination or arbitrary code execution

Ubuntu Security Notice USN-6061-1

Ubuntu Security Notice 6061-1 - Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

Debian Security Advisory 5397-1

Debian Linux Security Advisory 5397-1 - Vulnerabilities have been discovered in the WebKitGTK web engine. Luan Herrera discovered that an HTML document may be able to render iframes with sensitive user information. P1umer and Q1IQ discovered that processing maliciously crafted web content may lead to arbitrary code execution. An anonymous researcher discovered that processing maliciously crafted web content may bypass Same Origin Policy. An anonymous researcher discovered that a website may be able to track sensitive user information. Clement Lecigne and Donncha O Cearbhaill discovered that processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.

Debian Security Advisory 5396-1

Debian Linux Security Advisory 5396-1 - Vulnerabilities have been discovered in the WebKitGTK web engine. Luan Herrera discovered that an HTML document may be able to render iframes with sensitive user information. P1umer and Q1IQ discovered that processing maliciously crafted web content may lead to arbitrary code execution. An anonymous researcher discovered that processing maliciously crafted web content may bypass Same Origin Policy. Clement Lecigne and Donncha O Cearbhaill discovered that processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.

Apple Security Advisory 2023-03-27-8

Apple Security Advisory 2023-03-27-8 - Safari 16.4 addresses bypass vulnerabilities.

Apple Security Advisory 2023-03-27-8

Apple Security Advisory 2023-03-27-8 - Safari 16.4 addresses bypass vulnerabilities.

Apple Security Advisory 2023-03-27-5

Apple Security Advisory 2023-03-27-5 - macOS Big Sur 11.7.5 addresses bypass, code execution, integer overflow, out of bounds read, out of bounds write, and use-after-free vulnerabilities.

Apple Security Advisory 2023-03-27-4

Apple Security Advisory 2023-03-27-4 - macOS Monterey 12.6.4 addresses bypass, code execution, integer overflow, out of bounds read, out of bounds write, and use-after-free vulnerabilities.

Packet Storm: Latest News

Zeek 6.0.9