Apple Releases MacOS Sonoma Including Numerous Security Patches, (Tue, Sep 26th)
2023-9-27 04:30:9 Author: isc.sans.edu(查看原文) 阅读量:18 收藏

CVE-2023-40384 [important] Airport
A permissions issue was addressed with improved redaction of sensitive information.
An app may be able to read sensitive location information x               CVE-2023-32377 [important] AMD
A buffer overflow issue was addressed with improved memory handling.
An app may be able to execute arbitrary code with kernel privileges x               CVE-2023-38615 [important] AMD
The issue was addressed with improved memory handling.
An app may be able to execute arbitrary code with kernel privileges x               CVE-2023-40448 [moderate] App Store
The issue was addressed with improved handling of protocols.
A remote attacker may be able to break out of Web Content sandbox x     x         CVE-2023-40432 [important] Apple Neural Engine
The issue was addressed with improved memory handling.
An app may be able to execute arbitrary code with kernel privileges x               CVE-2023-40399 [important] Apple Neural Engine
The issue was addressed with improved memory handling.
An app may be able to disclose kernel memory x               CVE-2023-40410 [important] Apple Neural Engine
An out-of-bounds read was addressed with improved input validation.
An app may be able to disclose kernel memory x           x x CVE-2023-32361 [important] AuthKit
The issue was addressed with improved handling of caches.
An app may be able to access user-sensitive data x               CVE-2023-35984 [moderate] Bluetooth
The issue was addressed with improved checks.
An attacker in physical proximity can cause a limited out of bounds write x               CVE-2023-40402 [moderate] Bluetooth
A permissions issue was addressed with additional restrictions.
An app may be able to access sensitive user data x               CVE-2023-40426 [moderate] Bluetooth
A permissions issue was addressed with additional restrictions.
An app may be able to bypass certain Privacy preferences x               CVE-2023-41065 [important] bootp
A privacy issue was addressed with improved private data redaction for log entries.
An app may be able to read sensitive location information x               CVE-2023-29497 [moderate] Calendar
A privacy issue was addressed with improved handling of temporary files.
An app may be able to access calendar data saved to a temporary directory x               CVE-2023-38596 [moderate] CFNetwork
The issue was addressed with improved handling of protocols.
An app may fail to enforce App Transport Security x               CVE-2023-40406 [moderate] ColorSync
The issue was addressed with improved checks.
An app may be able to read arbitrary files x           x x CVE-2023-40420 [moderate] CoreAnimation
The issue was addressed with improved memory handling.
Processing web content may lead to a denial-of-service x     x     x x CVE-2023-40407 [moderate] CUPS
The issue was addressed with improved bounds checks.
A remote attacker may be able to cause a denial-of-service x               CVE-2023-32396 [important] Dev Tools
This issue was addressed with improved checks.
An app may be able to gain elevated privileges x               CVE-2023-41980 [important] FileProvider
A permissions issue was addressed with additional restrictions.
An app may be able to bypass Privacy preferences x               CVE-2023-40395 [moderate] Game Center
The issue was addressed with improved handling of caches.
An app may be able to access contacts x     x       x CVE-2023-40391 [important] GPU Drivers
The issue was addressed with improved memory handling.
An app may be able to disclose kernel memory x               CVE-2023-40441 [moderate] GPU Drivers
A resource exhaustion issue was addressed with improved input validation.
Processing web content may lead to a denial-of-service x               CVE-2023-23495 [moderate] iCloud
A permissions issue was addressed with improved redaction of sensitive information.
An app may be able to access sensitive user data x               CVE-2023-40434 [moderate] iCloud Photo Library
A configuration issue was addressed with additional restrictions.
An app may be able to access a user's Photos Library x               CVE-2023-38586 [moderate] Image Capture
An access issue was addressed with additional sandbox restrictions.
A sandboxed process may be able to circumvent sandbox restrictions x               CVE-2023-40436 [moderate] IOAcceleratorFamily
The issue was addressed with improved bounds checks.
An attacker may be able to cause unexpected system termination or read kernel memory x               CVE-2023-41995 [important] Kernel
A use-after-free issue was addressed with improved memory management.
An app may be able to execute arbitrary code with kernel privileges x               CVE-2023-41981 [moderate] Kernel
The issue was addressed with improved memory handling.
An attacker that has already achieved kernel code execution may be able to bypass kernel memory mitigations x     x     x   CVE-2023-41984 [important] Kernel
The issue was addressed with improved memory handling.
An app may be able to execute arbitrary code with kernel privileges x     x     x x CVE-2023-40429 [moderate] Kernel
A permissions issue was addressed with improved validation.
An app may be able to access sensitive user data x               CVE-2023-41067 [important] LaunchServices
A logic issue was addressed with improved checks.
An app may bypass Gatekeeper checks x               CVE-2023-40400 [critical] libpcap
This issue was addressed with improved checks.
A remote user may cause an unexpected app termination or arbitrary code execution x               CVE-2023-40454 [moderate] libxpc
A permissions issue was addressed with additional restrictions.
An app may be able to delete files for which it does not have permission x     x     x x CVE-2023-41073 [moderate] libxpc
An authorization issue was addressed with improved state management.
An app may be able to access protected user data x     x     x x CVE-2023-40403 [moderate] libxslt
The issue was addressed with improved memory handling.
Processing web content may disclose sensitive information x     x     x x CVE-2023-40427 [important] Maps
The issue was addressed with improved handling of caches.
An app may be able to read sensitive location information x           x x CVE-2023-32421 [moderate] Messages
A privacy issue was addressed with improved handling of temporary files.
An app may be able to observe unprotected user data x               CVE-2023-41986 [important] Music
The issue was addressed with improved checks.
An app may be able to modify protected parts of the file system x               CVE-2023-40455 [moderate] NetFSFramework
A permissions issue was addressed with additional restrictions.
A sandboxed process may be able to circumvent sandbox restrictions x               CVE-2023-40386 [moderate] Notes
A privacy issue was addressed with improved handling of temporary files.
An app may be able to access Notes attachments x               CVE-2023-37448 [important] Power Management
A lock screen issue was addressed with improved state management.
A user may be able to view restricted content from the lock screen x               CVE-2023-41063 [important] Pro Res
The issue was addressed with improved memory handling.
An app may be able to execute arbitrary code with kernel privileges x     x     x   CVE-2023-40422 [important] QuartzCore
The issue was addressed with improved memory handling.
An app may be able to cause a denial-of-service x               CVE-2023-39233 [moderate] Safari
The issue was addressed with improved checks.
Processing web content may disclose sensitive information x               CVE-2023-40388 [moderate] Safari
A privacy issue was addressed with improved handling of temporary files.
Safari may save photos to an unprotected location x               CVE-2023-35990 [moderate] Safari
The issue was addressed with improved checks.
An app may be able to identify what other apps a user has installed x     x         CVE-2023-40417 [moderate] Safari
A window management issue was addressed with improved state management.
Visiting a website that frames malicious content may lead to UI spoofing x               CVE-2023-40452 [moderate] Sandbox
The issue was addressed with improved bounds checks.
An app may be able to overwrite arbitrary files x           x x CVE-2023-41078 [moderate] Screen Sharing
An authorization issue was addressed with improved state management.
An app may be able to bypass certain Privacy preferences x               CVE-2023-41070 [moderate] Share Sheet
A logic issue was addressed with improved checks.
An app may be able to access sensitive data logged when a user shares a link x     x     x   CVE-2023-40541 [moderate] Shortcuts
This issue was addressed by adding an additional prompt for user consent.
A shortcut may output sensitive user data without consent x               CVE-2023-41079 [important] Shortcuts
The issue was addressed with improved permissions logic.
An app may be able to bypass Privacy preferences x               CVE-2023-41968 [moderate] Disk Management
This issue was addressed with improved validation of symlinks.
An app may be able to read arbitrary files x           x x CVE-2023-40450 [important] System Preferences
The issue was addressed with improved checks.
An app may bypass Gatekeeper checks x               CVE-2023-40424 [important] TCC
The issue was addressed with improved checks.
An app may be able to access user-sensitive data x               CVE-2023-39434 [critical] WebKit
A use-after-free issue was addressed with improved memory management.
Processing web content may lead to arbitrary code execution x               CVE-2023-41074 [critical] WebKit
The issue was addressed with improved checks.
Processing web content may lead to arbitrary code execution x               CVE-2023-35074 [critical] WebKit
The issue was addressed with improved memory handling.
Processing web content may lead to arbitrary code execution x               CVE-2023-41993 [critical] *** EXPLOITED *** WebKit
The issue was addressed with improved checks.
Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7. x x x x         CVE-2023-41066 [moderate] Windows Server
An authentication issue was addressed with improved state management.
An app may be able to unexpectedly leak a user's credentials from secure text fields x               CVE-2023-41979 [important] XProtectFramework
A race condition was addressed with improved locking.
An app may be able to modify protected parts of the file system x               CVE-2023-41992 [moderate] *** EXPLOITED *** Kernel
The issue was addressed with improved checks.
A local attacker may be able to elevate their privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7.     x x x x x x CVE-2023-41991 [important] *** EXPLOITED *** Security
A certificate validation issue was addressed.
A malicious app may be able to bypass signature validation. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7.     x x x x x   CVE-2023-41232 [important] Biometric Authentication
An out-of-bounds read was addressed with improved bounds checking.
An app may be able to disclose kernel memory       x     x x CVE-2023-41068 [important] MobileStorageMounter
An access issue was addressed with improved access restrictions.
A user may be able to elevate privileges       x         CVE-2023-40412 [important] Apple Neural Engine
The issue was addressed with improved memory handling.
An app may be able to execute arbitrary code with kernel privileges             x x CVE-2023-40409 [important] Apple Neural Engine
The issue was addressed with improved memory handling.
An app may be able to execute arbitrary code with kernel privileges             x x CVE-2023-41071 [important] Apple Neural Engine
A use-after-free issue was addressed with improved memory management.
An app may be able to execute arbitrary code with kernel privileges             x   CVE-2023-41996 [moderate] Sandbox
The issue was addressed with improved checks.
Apps that fail verification checks may still launch             x  

文章来源: https://isc.sans.edu/diary/rss/30252
如有侵权请联系:admin#unsafe.sh