From: Apple Product Security via Fulldisclosure <fulldisclosure () seclists org>
Date: Tue, 05 Mar 2024 13:57:37 -0800
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
APPLE-SA-03-05-2024-2 iOS 16.7.6 and iPadOS 16.7.6
iOS 16.7.6 and iPadOS 16.7.6 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/kb/HT214082.
Apple maintains a Security Releases page at
https://support.apple.com/HT201222 which lists recent
software updates with security advisories.
Additional CVE entries coming soon.
Kernel
Available for: iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation,
iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation
Impact: An attacker with arbitrary kernel read and write capability may
be able to bypass kernel memory protections. Apple is aware of a report
that this issue may have been exploited.
Description: A memory corruption issue was addressed with improved
validation.
CVE-2024-23225
This update is available through iTunes and Software Update on your
iOS device, and will not appear in your computer's Software Update
application, or in the Apple Downloads site. Make sure you have an
Internet connection and have installed the latest version of iTunes
from https://www.apple.com/itunes/ iTunes and Software Update on the
device will automatically check Apple's update server on its weekly
schedule. When an update is detected, it is downloaded and the option
to be installed is presented to the user when the iOS device is
docked. We recommend applying the update immediately if possible.
Selecting Don't Install will present the option the next time you
connect your iOS device. The automatic update process may take up to
a week depending on the day that iTunes or the device checks for
updates. You may manually obtain the update via the Check for Updates
button within iTunes, or the Software Update on your device. To
check that the iPhone, iPod touch, or iPad has been updated: *
Navigate to Settings * Select General * Select About. The version
after applying this update will be "iOS 16.7.6 and iPadOS 16.7.6".
All information is also posted on the Apple Security Releases
web site: https://support.apple.com/en-us/HT201222.
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEsz9altA7uTI+rE/qX+5d1TXaIvoFAmXnkPkACgkQX+5d1TXa
IvoR+A//Tv2WfSzQhGPt7KemBLGC8pt7grwqF5NGM7p5l1WIK2T3O89EyXczfXzy
SZk6Z/GTncXPISmWC1qcqUS2eF9s9zp4g6XwLpr1BRvAId9e2i2s6VwBoic7X3pd
ZpN9rd/Bk1RHNCy1yXvg0ucLmUA9+OfxhustC9rNxB+ce8G4anwmYcrQE0trTzDv
2rtAOrz4CV6hneruJUk8O5ZXK8q8tB+f+h2Co8zwAChvI0hpMx6CaP9B6T+JtoaX
2vbpLADvkGg72RtABPZ3/ff8Uh9a7w5Iea1ik2rdBCDsGb+GReIw78zOFypGMXlZ
eEPnRys6cmN+Jzo+FYa0VgUBGtY3zg7Xw11tVmJVCyKRPANR3QwxZLFwsgdxGw8y
nziF5CVt+qMYZwSxZW7uZKli5PUTTxzCBkS/W9wJwyEePcGYyu+LmNpJ251UVn4Y
EB2njLbv4RwSC3UsLqQFdSUdwI/M0iDNFWtRBcvE6uMhNpiJsLasyFmmEYnBQy0X
BnNAw+mT9gXaIuMSX/Z3D2h41muPLF/xfWDB4KpQTyz/cJDomKym8UPOU2YVyKeE
PI7CiWJppBOl4x+KpOJuw2gFhmCpZ53bkWqPBlroR/Mq5QSesNG1q7WyKerXBnCU
R7chgTqVzHEInXTwEEFJkG2coDPFI8FV4M5PXgdNcBIMRdcuum4=
=CEFc
-----END PGP SIGNATURE-----
_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: https://seclists.org/fulldisclosure/
Current thread:
- APPLE-SA-03-05-2024-2 iOS 16.7.6 and iPadOS 16.7.6 Apple Product Security via Fulldisclosure (Mar 13)