From: Apple Product Security via Fulldisclosure <fulldisclosure () seclists org>
Date: Wed, 11 Dec 2024 16:32:37 -0700
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
APPLE-SA-12-11-2024-1 iOS 18.2 and iPadOS 18.2
iOS 18.2 and iPadOS 18.2 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/121837.
Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.
AppleMobileFileIntegrity
Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch
3rd generation and later, iPad Pro 11-inch 1st generation and later,
iPad Air 3rd generation and later, iPad 7th generation and later, and
iPad mini 5th generation and later
Impact: A malicious app may be able to access private information
Description: The issue was addressed with improved checks.
CVE-2024-54526: Mickey Jin (@patch1t), Arsenii Kostromin (0x3c3e)
AppleMobileFileIntegrity
Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch
3rd generation and later, iPad Pro 11-inch 1st generation and later,
iPad Air 3rd generation and later, iPad 7th generation and later, and
iPad mini 5th generation and later
Impact: An app may be able to access sensitive user data
Description: This issue was addressed with improved checks.
CVE-2024-54527: Mickey Jin (@patch1t)
Audio
Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch
3rd generation and later, iPad Pro 11-inch 1st generation and later,
iPad Air 3rd generation and later, iPad 7th generation and later, and
iPad mini 5th generation and later
Impact: Muting a call while ringing may not result in mute being enabled
Description: An inconsistent user interface issue was addressed with
improved state management.
CVE-2024-54503: Micheal Chukwu and an anonymous researcher
Crash Reporter
Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch
3rd generation and later, iPad Pro 11-inch 1st generation and later,
iPad Air 3rd generation and later, iPad 7th generation and later, and
iPad mini 5th generation and later
Impact: An app may be able to access sensitive user data
Description: A permissions issue was addressed with additional
restrictions.
CVE-2024-54513: an anonymous researcher
FontParser
Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch
3rd generation and later, iPad Pro 11-inch 1st generation and later,
iPad Air 3rd generation and later, iPad 7th generation and later, and
iPad mini 5th generation and later
Impact: Processing a maliciously crafted font may result in the
disclosure of process memory
Description: The issue was addressed with improved checks.
CVE-2024-54486: Hossein Lotfi (@hosselot) of Trend Micro Zero Day
Initiative
ImageIO
Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch
3rd generation and later, iPad Pro 11-inch 1st generation and later,
iPad Air 3rd generation and later, iPad 7th generation and later, and
iPad mini 5th generation and later
Impact: Processing a maliciously crafted image may result in disclosure
of process memory
Description: The issue was addressed with improved checks.
CVE-2024-54500: Junsung Lee working with Trend Micro Zero Day Initiative
Kernel
Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch
3rd generation and later, iPad Pro 11-inch 1st generation and later,
iPad Air 3rd generation and later, iPad 7th generation and later, and
iPad mini 5th generation and later
Impact: An attacker may be able to create a read-only memory mapping
that can be written to
Description: A race condition was addressed with additional validation.
CVE-2024-54494: sohybbyk
Kernel
Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch
3rd generation and later, iPad Pro 11-inch 1st generation and later,
iPad Air 3rd generation and later, iPad 7th generation and later, and
iPad mini 5th generation and later
Impact: An app may be able to leak sensitive kernel state
Description: A race condition was addressed with improved locking.
CVE-2024-54510: Joseph Ravichandran (@0xjprx) of MIT CSAIL
Kernel
Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch
3rd generation and later, iPad Pro 11-inch 1st generation and later,
iPad Air 3rd generation and later, iPad 7th generation and later, and
iPad mini 5th generation and later
Impact: An app may be able to cause unexpected system termination or
corrupt kernel memory
Description: The issue was addressed with improved memory handling.
CVE-2024-44245: an anonymous researcher
libexpat
Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch
3rd generation and later, iPad Pro 11-inch 1st generation and later,
iPad Air 3rd generation and later, iPad 7th generation and later, and
iPad mini 5th generation and later
Impact: A remote attacker may cause an unexpected app termination or
arbitrary code execution
Description: This is a vulnerability in open source code and Apple
Software is among the affected projects. The CVE-ID was assigned by a
third party. Learn more about the issue and CVE-ID at cve.org.
CVE-2024-45490
libxpc
Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch
3rd generation and later, iPad Pro 11-inch 1st generation and later,
iPad Air 3rd generation and later, iPad 7th generation and later, and
iPad mini 5th generation and later
Impact: An app may be able to break out of its sandbox
Description: The issue was addressed with improved checks.
CVE-2024-54514: an anonymous researcher
libxpc
Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch
3rd generation and later, iPad Pro 11-inch 1st generation and later,
iPad Air 3rd generation and later, iPad 7th generation and later, and
iPad mini 5th generation and later
Impact: An app may be able to gain elevated privileges
Description: A logic issue was addressed with improved checks.
CVE-2024-44225: 风沐云烟(@binary_fmyy)
Passwords
Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch
3rd generation and later, iPad Pro 11-inch 1st generation and later,
iPad Air 3rd generation and later, iPad 7th generation and later, and
iPad mini 5th generation and later
Impact: An attacker in a privileged network position may be able to
alter network traffic
Description: This issue was addressed by using HTTPS when sending
information over the network.
CVE-2024-54492: Talal Haj Bakry and Tommy Mysk of Mysk Inc. (@mysk_co)
Safari
Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch
3rd generation and later, iPad Pro 11-inch 1st generation and later,
iPad Air 3rd generation and later, iPad 7th generation and later, and
iPad mini 5th generation and later
Impact: On a device with Private Relay enabled, adding a website to the
Safari Reading List may reveal the originating IP address to the website
Description: The issue was addressed with improved routing of Safari-
originated requests.
CVE-2024-44246: Jacob Braun
SceneKit
Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch
3rd generation and later, iPad Pro 11-inch 1st generation and later,
iPad Air 3rd generation and later, iPad 7th generation and later, and
iPad mini 5th generation and later
Impact: Processing a maliciously crafted file may lead to a denial of
service
Description: The issue was addressed with improved checks.
CVE-2024-54501: Michael DePlante (@izobashi) of Trend Micro's Zero Day
Initiative
VoiceOver
Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch
3rd generation and later, iPad Pro 11-inch 1st generation and later,
iPad Air 3rd generation and later, iPad 7th generation and later, and
iPad mini 5th generation and later
Impact: An attacker with physical access to an iOS device may be able to
view notification content from the lock screen
Description: The issue was addressed by adding additional logic.
CVE-2024-54485: Abhay Kailasia (@abhay_kailasia) from C-DAC
Thiruvananthapuram India
WebKit
Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch
3rd generation and later, iPad Pro 11-inch 1st generation and later,
iPad Air 3rd generation and later, iPad 7th generation and later, and
iPad mini 5th generation and later
Impact: Processing maliciously crafted web content may lead to an
unexpected process crash
Description: The issue was addressed with improved checks.
WebKit Bugzilla: 278497
CVE-2024-54479: Seunghyun Lee
WebKit Bugzilla: 281912
CVE-2024-54502: Brendon Tiszka of Google Project Zero
WebKit
Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch
3rd generation and later, iPad Pro 11-inch 1st generation and later,
iPad Air 3rd generation and later, iPad 7th generation and later, and
iPad mini 5th generation and later
Impact: Processing maliciously crafted web content may lead to an
unexpected process crash
Description: The issue was addressed with improved memory handling.
WebKit Bugzilla: 282180
CVE-2024-54508: linjy of HKUS3Lab and chluo of WHUSecLab, Xiangwei Zhang
of Tencent Security YUNDING LAB
WebKit
Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch
3rd generation and later, iPad Pro 11-inch 1st generation and later,
iPad Air 3rd generation and later, iPad 7th generation and later, and
iPad mini 5th generation and later
Impact: Processing maliciously crafted web content may lead to memory
corruption
Description: A type confusion issue was addressed with improved memory
handling.
WebKit Bugzilla: 282661
CVE-2024-54505: Gary Kwong
WebKit
Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch
3rd generation and later, iPad Pro 11-inch 1st generation and later,
iPad Air 3rd generation and later, iPad 7th generation and later, and
iPad mini 5th generation and later
Impact: Processing maliciously crafted web content may lead to memory
corruption
Description: The issue was addressed with improved memory handling.
WebKit Bugzilla: 277967
CVE-2024-54534: Tashita Software Security
Additional recognition
Accessibility
We would like to acknowledge Abhay Kailasia (@abhay_kailasia) of Lakshmi
Narain College of Technology Bhopal India, Andr.Ess, Jake Derouin, Jason
Gendron (@gendron_jason) for their assistance.
App Protection
We would like to acknowledge Abhay Kailasia (@abhay_kailasia) of Lakshmi
Narain College of Technology Bhopal India for their assistance.
Calendar
We would like to acknowledge Abhay Kailasia (@abhay_kailasia) of Lakshmi
Narain College of Technology Bhopal India for their assistance.
FaceTime
We would like to acknowledge 椰椰 for their assistance.
FaceTime Foundation
We would like to acknowledge Joshua Pellecchia for their assistance.
Family Sharing
We would like to acknowledge Abhay Kailasia (@abhay_kailasia) of Lakshmi
Narain College of Technology Bhopal India, J T for their assistance.
Notes
We would like to acknowledge Katzenfutter for their assistance.
Photos
We would like to acknowledge Bistrit Dahal, Chi Yuan Chang of ZUSO ART
and taikosoup, Finlay James (@Finlay1010), Rizki Maulana
(rmrizki.my.id), Srijan Poudel for their assistance.
Photos Storage
We would like to acknowledge Jake Derouin (jakederouin.com) for their
assistance.
Proximity
We would like to acknowledge Junming C. (@Chapoly1305) and Prof. Qiang
Zeng of George Mason University for their assistance.
Quick Response
We would like to acknowledge an anonymous researcher for their
assistance.
Safari
We would like to acknowledge Jayateertha Guruprasad for their
assistance.
Safari Private Browsing
We would like to acknowledge Richard Hyunho Im (@richeeta) with Route
Zero Security for their assistance.
Settings
We would like to acknowledge Akshith Muddasani, Bistrit Dahal, Emanuele
Slusarz for their assistance.
Siri
We would like to acknowledge Srijan Poudel for their assistance.
Spotlight
We would like to acknowledge Abhay Kailasia (@abhay_kailasia) from LNCT
Bhopal and C-DAC Thiruvananthapuram India for their assistance.
Status Bar
We would like to acknowledge Abhay Kailasia (@abhay_kailasia) of Lakshmi
Narain College of Technology Bhopal India, Andr.Ess for their
assistance.
Swift
We would like to acknowledge Marc Schoenefeld, Dr. rer. nat. for their
assistance.
Time Zone
We would like to acknowledge Abhay Kailasia (@abhay_kailasia) from LNCT
Bhopal and C-DAC Thiruvananthapuram India for their assistance.
WebKit
We would like to acknowledge Hafiizh for their assistance.
WindowServer
We would like to acknowledge Felix Kratz for their assistance.
This update is available through iTunes and Software Update on your
iOS device, and will not appear in your computer's Software Update
application, or in the Apple Downloads site. Make sure you have an
Internet connection and have installed the latest version of iTunes
from https://www.apple.com/itunes/
iTunes and Software Update on the device will automatically check
Apple's update server on its weekly schedule. When an update is
detected, it is downloaded and the option to be installed is
presented to the user when the iOS device is docked. We recommend
applying the update immediately if possible. Selecting
Don't Install will present the option the next time you connect
your iOS device.
The automatic update process may take up to a week depending on
the day that iTunes or the device checks for updates. You may
manually obtain the update via the Check for Updates button
within iTunes, or the Software Update on your device.
To check that the iPhone, iPod touch, or iPad has been updated:
* Navigate to Settings
* Select General
* Select About. The version after applying this update will be
"iOS 18.2 and iPadOS 18.2".
All information is also posted on the Apple Security Releases
web site: https://support.apple.com/100100.
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEsz9altA7uTI+rE/qX+5d1TXaIvoFAmdaAH4ACgkQX+5d1TXa
Ivq6Hg/+LuC42iaxKBZ9qfRik9FFAGF5AqCTUInoeulSZELYDr/lP0wOjRU6UlxX
vWiU5osKOV4xPgRMQM8Qm6dcK7D/kEQGaB91/a1P7HY5WWjxBpv4ZH+bvb2s+2Vu
uy/GMYWLDDLSnIA5WQ4azWdfeRxmEL85Ra+nJqHyb/JitLBr/PvroQaMcRAxYzW/
J+40ewdYAvLjLz9W7oqp8GCE3kvoaAbegWwSOCYq/d6ZFvPHHC/JPDAOE+0T71tF
aIjKAFdYh4L7Zn/NnlGzQhTtdhCYG1uLx1cDgH/JBaL7LPCHui2NiTsVogDKx9M+
hn//3iBXfGK24VdCZG5rmfrBPAttAiClFERYxwM+1W1EUj6VzLzdaHw5dN2TuRH5
mimjUnHgydsFYEEVNlWC/MqC6FPtUfDXMjATgWX2kfqxQ98Tg2skJcJR6AFPRTGA
Tag4NK2fRNSZvVPJxeuGjV0RzlsAX/+1aIjrcJ7u7zwQJ931gy5aPbI/fMuKlxlH
sIzf8W9ttM/mnYgvnrv3e2tqs5IQW4sunkkEiGYYF4gF4snp5gv52wy9IpZo9dHq
znJHiRU8rOrqX4edYZHrrEpxoIDqpIcXAbAtlgtDQIJMWftcIkweWtEvPqma4QWh
q+HDkWOlJjOZ0PqHAv8wVhNeHQaDMa9hhZJueFYurNIabYj/BKs=
=KmKJ
-----END PGP SIGNATURE-----
_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: https://seclists.org/fulldisclosure/
Current thread:
- APPLE-SA-12-11-2024-1 iOS 18.2 and iPadOS 18.2 Apple Product Security via Fulldisclosure (Dec 12)