VARIoT IoT vulnerabilities database
| VAR-202301-1721 | CVE-2023-23502 | Vulnerabilities in multiple Apple products |
CVSS V2: - CVSS V3: 5.5 Severity: MEDIUM |
An information disclosure issue was addressed by removing the vulnerable code. This issue is fixed in macOS Monterey 12.6.3, macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3, tvOS 16.3, watchOS 9.3. An app may be able to determine kernel memory layout. iPadOS , iOS , macOS Unspecified vulnerabilities exist in multiple Apple products.Information may be obtained.
Instructions on how to update your Apple Watch software are available
at https://support.apple.com/kb/HT204641 To check the version on
your Apple Watch, open the Apple Watch app on your iPhone and select
"My Watch > General > About". Alternatively, on your watch, select
"My Watch > General > About". Make sure you have an
Internet connection and have installed the latest version of iTunes
from https://www.apple.com/itunes/ iTunes and Software Update on the
device will automatically check Apple's update server on its weekly
schedule. When an update is detected, it is downloaded and the option
to be installed is presented to the user when the iOS device is
docked. We recommend applying the update immediately if possible.
Selecting Don't Install will present the option the next time you
connect your iOS device. The automatic update process may take up to
a week depending on the day that iTunes or the device checks for
updates. You may manually obtain the update via the Check for Updates
button within iTunes, or the Software Update on your device. To
check that the iPhone, iPod touch, or iPad has been updated: *
Navigate to Settings * Select General * Select About. The version
after applying this update will be "iOS 16.3 and iPadOS 16.3".
Information about the security content is also available at
https://support.apple.com/HT213605.
AppleMobileFileIntegrity
Available for: macOS Ventura
Impact: An app may be able to access user-sensitive data
Description: This issue was addressed by enabling hardened runtime.
CVE-2023-23499: Wojciech Reguła (@_r3ggi) of SecuRing
(wojciechregula.blog)
curl
Available for: macOS Ventura
Impact: Multiple issues in curl
Description: Multiple issues were addressed by updating to curl
version 7.86.0.
CVE-2022-42915
CVE-2022-42916
CVE-2022-32221
CVE-2022-35260
dcerpc
Available for: macOS Ventura
Impact: Mounting a maliciously crafted Samba network share may lead
to arbitrary code execution
Description: A buffer overflow issue was addressed with improved
memory handling.
CVE-2023-23513: Dimitrios Tatsis and Aleksandar Nikolic of Cisco
Talos
DiskArbitration
Available for: macOS Ventura
Impact: An encrypted volume may be unmounted and remounted by a
different user without prompting for the password
Description: A logic issue was addressed with improved state
management.
CVE-2023-23493: Oliver Norpoth (@norpoth) of KLIXX GmbH (klixx.com)
ImageIO
Available for: macOS Ventura
Impact: Processing an image may lead to a denial-of-service
Description: A memory corruption issue was addressed with improved
state management.
CVE-2023-23519: Yiğit Can YILMAZ (@yilmazcanyigit)
Intel Graphics Driver
Available for: macOS Ventura
Impact: An app may be able to execute arbitrary code with kernel
privileges
Description: The issue was addressed with improved bounds checks.
CVE-2023-23507: an anonymous researcher
Kernel
Available for: macOS Ventura
Impact: An app may be able to leak sensitive kernel state
Description: The issue was addressed with improved memory handling.
CVE-2023-23500: Pan ZhenPeng (@Peterpan0927) of STAR Labs SG Pte.
Ltd.
CVE-2023-23502: Pan ZhenPeng (@Peterpan0927) of STAR Labs SG Pte.
Ltd. (@starlabs_sg)
Kernel
Available for: macOS Ventura
Impact: An app may be able to execute arbitrary code with kernel
privileges
Description: The issue was addressed with improved memory handling.
CVE-2023-23504: Adam Doupé of ASU SEFCOM
libxpc
Available for: macOS Ventura
Impact: An app may be able to access user-sensitive data
Description: A permissions issue was addressed with improved
validation.
CVE-2023-23506: Guilherme Rambo of Best Buddy Apps (rambo.codes)
Mail Drafts
Available for: macOS Ventura
Impact: The quoted original message may be selected from the wrong
email when forwarding an email from an Exchange account
Description: A logic issue was addressed with improved state
management.
CVE-2023-23498: an anonymous researcher
Maps
Available for: macOS Ventura
Impact: An app may be able to bypass Privacy preferences
Description: A logic issue was addressed with improved state
management.
CVE-2023-23503: an anonymous researcher
PackageKit
Available for: macOS Ventura
Impact: An app may be able to gain root privileges
Description: A logic issue was addressed with improved state
management.
CVE-2023-23497: Mickey Jin (@patch1t)
Safari
Available for: macOS Ventura
Impact: An app may be able to access a user’s Safari history
Description: A permissions issue was addressed with improved
validation.
CVE-2023-23510: Guilherme Rambo of Best Buddy Apps (rambo.codes)
Safari
Available for: macOS Ventura
Impact: Visiting a website may lead to an app denial-of-service
Description: The issue was addressed with improved handling of
caches.
CVE-2023-23512: Adriatik Raci
Screen Time
Available for: macOS Ventura
Impact: An app may be able to access information about a user’s
contacts
Description: A privacy issue was addressed with improved private data
redaction for log entries.
CVE-2023-23505: Wojciech Reguła of SecuRing (wojciechregula.blog)
Vim
Available for: macOS Ventura
Impact: Multiple issues in Vim
Description: A use after free issue was addressed with improved
memory management.
CVE-2022-3705
Weather
Available for: macOS Ventura
Impact: An app may be able to bypass Privacy preferences
Description: The issue was addressed with improved memory handling.
CVE-2023-23511: Wojciech Regula of SecuRing (wojciechregula.blog), an
anonymous researcher
WebKit
Available for: macOS Ventura
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: The issue was addressed with improved checks.
WebKit Bugzilla: 245464
CVE-2023-23496: ChengGang Wu, Yan Kang, YuHao Hu, Yue Sun, Jiming
Wang, JiKai Ren and Hang Shu of Institute of Computing Technology,
Chinese Academy of Sciences
WebKit
Available for: macOS Ventura
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: The issue was addressed with improved memory handling.
WebKit Bugzilla: 248268
CVE-2023-23518: YeongHyeon Choi (@hyeon101010), Hyeon Park
(@tree_segment), SeOk JEON (@_seokjeon), YoungSung Ahn (@_ZeroSung),
JunSeo Bae (@snakebjs0107), Dohyun Lee (@l33d0hyun) of Team ApplePIE
WebKit Bugzilla: 248268
CVE-2023-23517: YeongHyeon Choi (@hyeon101010), Hyeon Park
(@tree_segment), SeOk JEON (@_seokjeon), YoungSung Ahn (@_ZeroSung),
JunSeo Bae (@snakebjs0107), Dohyun Lee (@l33d0hyun) of Team ApplePIE
Wi-Fi
Available for: macOS Ventura
Impact: An app may be able to disclose kernel memory
Description: The issue was addressed with improved memory handling.
CVE-2023-23501: Pan ZhenPeng (@Peterpan0927) of STAR Labs SG Pte.
Ltd. (@starlabs_sg)
Windows Installer
Available for: macOS Ventura
Impact: An app may be able to bypass Privacy preferences
Description: The issue was addressed with improved memory handling.
CVE-2023-23508: Mickey Jin (@patch1t)
Additional recognition
Bluetooth
We would like to acknowledge an anonymous researcher for their
assistance.
Kernel
We would like to acknowledge Nick Stenning of Replicate for their
assistance.
Shortcuts
We would like to acknowledge Baibhav Anand Jha from ReconWithMe and
Cristian Dinca of Tudor Vianu National High School of Computer
Science, Romania for their assistance.
WebKit
We would like to acknowledge Eliya Stein of Confiant for their
assistance.
macOS Ventura 13.2 may be obtained from the Mac App Store or Apple's
Software Downloads web site: https://support.apple.com/downloads/
All information is also posted on the Apple Security Updates
web site: https://support.apple.com/en-us/HT201222.
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEBP+4DupqR5Sgt1DB4RjMIDkeNxkFAmPPIl8ACgkQ4RjMIDke
Nxnt7RAA2a0c/Ij93MfR8eiNMkIHVnr+wL+4rckVmHvs85dSHNBqQ8+kYpAs2tEk
7CVZoxAGg8LqVa6ZmBbAp5ZJGi2nV8LjOYzaWw/66d648QC2upTWJ93sWmZ7LlLb
m9pcLfBsdAFPmVa8VJO0fxJGkxsCP0cQiBl+f9R4ObZBBiScbHUckSmHa6Qn/Q2U
VsnHnJznAlDHMXiaV3O1zKBeahkqSx/IfO04qmk8oMWh89hI53S551Z3NEx63zgd
Cx8JENj2NpFlgmZ0w0Tz5ZZ3LT4Ok28ns8N762JLE2nbTfEl7rM+bjUfWg4yJ1Rp
TCEelbLKfUjlrh2N1fe0XWBs9br/069QlhTBBVd/qAbUBxkS/UOlWk3Vp+TI0bkK
rrXouRijzRmBBK93jfWxhyd27avqQHmc04ofjY/lNYOCcGMrr813cGKNs90aRfcg
joKeC51mYJnlTyMB0nDcJx3b5+MN+Ij7Sa04B9dbH162YFxp4LsaavmR0MooN1T9
3XrXEQ71a3pvdoF1ffW9Mz7vaqhBkffnzQwWU5zY2RwDTjFyHdNyI/1JkVzYmAxq
QR4uA5gCDYYk/3rzlrVot+ezHX525clTHsvEYhIfu+i1HCxqdpvfaHbn2m+i1QtU
/Lzz2mySt3y0akZ2rHwPfBZ8UFfvaauyhZ3EhSP3ikGs9DOsv1w=
=pcJ4
-----END PGP SIGNATURE-----
| VAR-202301-1796 | CVE-2023-22322 | Made by Omron CX-Motion Pro In XML External entity reference ( XXE ) vulnerability |
CVSS V2: - CVSS V3: 5.5 Severity: MEDIUM |
Improper restriction of XML external entity reference (XXE) vulnerability exists in OMRON CX-Motion Pro 1.4.6.013 and earlier. If a user opens a specially crafted project file created by an attacker, sensitive information in the file system where CX-Motion Pro is installed may be disclosed. This vulnerability information is JPCERT/CC Report to JPCERT/CC Coordinated with the developer
| VAR-202301-1708 | CVE-2023-23512 | Vulnerabilities in multiple Apple products |
CVSS V2: - CVSS V3: 6.5 Severity: MEDIUM |
The issue was addressed with improved handling of caches. This issue is fixed in watchOS 9.3, tvOS 16.3, macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3. Visiting a website may lead to an app denial-of-service. iPadOS , iOS , macOS Unspecified vulnerabilities exist in multiple Apple products.Service operation interruption (DoS) It may be in a state.
Instructions on how to update your Apple Watch software are available
at https://support.apple.com/kb/HT204641 To check the version on
your Apple Watch, open the Apple Watch app on your iPhone and select
"My Watch > General > About". Alternatively, on your watch, select
"My Watch > General > About". -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
APPLE-SA-2023-01-23-1 iOS 16.3 and iPadOS 16.3
iOS 16.3 and iPadOS 16.3 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT213606.
AppleMobileFileIntegrity
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air
3rd generation and later, iPad 5th generation and later, and iPad
mini 5th generation and later
Impact: An app may be able to access user-sensitive data
Description: This issue was addressed by enabling hardened runtime.
CVE-2023-23499: Wojciech Reguła (@_r3ggi) of SecuRing
(wojciechregula.blog)
ImageIO
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air
3rd generation and later, iPad 5th generation and later, and iPad
mini 5th generation and later
Impact: Processing an image may lead to a denial-of-service
Description: A memory corruption issue was addressed with improved
state management.
CVE-2023-23519: Yiğit Can YILMAZ (@yilmazcanyigit)
Kernel
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air
3rd generation and later, iPad 5th generation and later, and iPad
mini 5th generation and later
Impact: An app may be able to leak sensitive kernel state
Description: The issue was addressed with improved memory handling.
CVE-2023-23500: Pan ZhenPeng (@Peterpan0927) of STAR Labs SG Pte.
Ltd. (@starlabs_sg)
Kernel
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air
3rd generation and later, iPad 5th generation and later, and iPad
mini 5th generation and later
Impact: An app may be able to determine kernel memory layout
Description: An information disclosure issue was addressed by
removing the vulnerable code.
CVE-2023-23502: Pan ZhenPeng (@Peterpan0927) of STAR Labs SG Pte.
Ltd. (@starlabs_sg)
Kernel
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air
3rd generation and later, iPad 5th generation and later, and iPad
mini 5th generation and later
Impact: An app may be able to execute arbitrary code with kernel
privileges
Description: The issue was addressed with improved memory handling.
CVE-2023-23504: Adam Doupé of ASU SEFCOM
Mail Drafts
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air
3rd generation and later, iPad 5th generation and later, and iPad
mini 5th generation and later
Impact: The quoted original message may be selected from the wrong
email when forwarding an email from an Exchange account
Description: A logic issue was addressed with improved state
management.
CVE-2023-23498: an anonymous researcher
Maps
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air
3rd generation and later, iPad 5th generation and later, and iPad
mini 5th generation and later
Impact: An app may be able to bypass Privacy preferences
Description: A logic issue was addressed with improved state
management.
CVE-2023-23503: an anonymous researcher
Safari
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air
3rd generation and later, iPad 5th generation and later, and iPad
mini 5th generation and later
Impact: Visiting a website may lead to an app denial-of-service
Description: The issue was addressed with improved handling of
caches.
CVE-2023-23512: Adriatik Raci
Screen Time
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air
3rd generation and later, iPad 5th generation and later, and iPad
mini 5th generation and later
Impact: An app may be able to access information about a user’s
contacts
Description: A privacy issue was addressed with improved private data
redaction for log entries.
CVE-2023-23505: Wojciech Reguła of SecuRing (wojciechregula.blog)
Weather
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air
3rd generation and later, iPad 5th generation and later, and iPad
mini 5th generation and later
Impact: An app may be able to bypass Privacy preferences
Description: The issue was addressed with improved memory handling.
CVE-2023-23511: Wojciech Regula of SecuRing (wojciechregula.blog), an
anonymous researcher
WebKit
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air
3rd generation and later, iPad 5th generation and later, and iPad
mini 5th generation and later
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: The issue was addressed with improved checks.
WebKit Bugzilla: 245464
CVE-2023-23496: ChengGang Wu, Yan Kang, YuHao Hu, Yue Sun, Jiming
Wang, JiKai Ren and Hang Shu of Institute of Computing Technology,
Chinese Academy of Sciences
WebKit
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air
3rd generation and later, iPad 5th generation and later, and iPad
mini 5th generation and later
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: The issue was addressed with improved memory handling.
WebKit Bugzilla: 248268
CVE-2023-23518: YeongHyeon Choi (@hyeon101010), Hyeon Park
(@tree_segment), SeOk JEON (@_seokjeon), YoungSung Ahn (@_ZeroSung),
JunSeo Bae (@snakebjs0107), Dohyun Lee (@l33d0hyun) of Team ApplePIE
WebKit Bugzilla: 248268
CVE-2023-23517: YeongHyeon Choi (@hyeon101010), Hyeon Park
(@tree_segment), SeOk JEON (@_seokjeon), YoungSung Ahn (@_ZeroSung),
JunSeo Bae (@snakebjs0107), Dohyun Lee (@l33d0hyun) of Team ApplePIE
Additional recognition
Kernel
We would like to acknowledge Nick Stenning of Replicate for their
assistance.
Shortcuts
We would like to acknowledge Baibhav Anand Jha from ReconWithMe and
Cristian Dinca of Tudor Vianu National High School of Computer
Science, Romania for their assistance.
WebKit
We would like to acknowledge Eliya Stein of Confiant for their
assistance.
This update is available through iTunes and Software Update on your
iOS device, and will not appear in your computer's Software Update
application, or in the Apple Downloads site. Make sure you have an
Internet connection and have installed the latest version of iTunes
from https://www.apple.com/itunes/ iTunes and Software Update on the
device will automatically check Apple's update server on its weekly
schedule. When an update is detected, it is downloaded and the option
to be installed is presented to the user when the iOS device is
docked. We recommend applying the update immediately if possible.
Selecting Don't Install will present the option the next time you
connect your iOS device. The automatic update process may take up to
a week depending on the day that iTunes or the device checks for
updates. You may manually obtain the update via the Check for Updates
button within iTunes, or the Software Update on your device. To
check that the iPhone, iPod touch, or iPad has been updated: *
Navigate to Settings * Select General * Select About. The version
after applying this update will be "iOS 16.3 and iPadOS 16.3".
All information is also posted on the Apple Security Updates
web site: https://support.apple.com/en-us/HT201222.
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEBP+4DupqR5Sgt1DB4RjMIDkeNxkFAmPPIl4ACgkQ4RjMIDke
NxniSRAAoaTuBBV5jk91bJapaGf/pqZV+h9vAV9B7sHzBRaJRq5fnoEm+Kdg6fS4
XZtTWhB9NXekrujHVMZC/AvboChvc94r1/qoF6vhVu1YYaDJkryFMlX4lbk5Jz7h
k3gXHCpdARbburX46g0Fi9M6bL6dzG/6f4LG9L27dno5G/lcjHY9ylSnHHwuFcva
7kH2os9FmD3JMiopLwNKymfN1Z5AgC9TrDfztOcUChULBSxtx3eOP1+HWbpuQ6go
vnEzAnnpoBl09f7EMfgGu4FpZiThsfFUCXNkdl23E+i8PrdRWW17Nqoqrnvb74pF
jWOaelBBCdNee7TpfgfkGKT/PVADdoLdYmB5tqowvNWBfJ7ymB0Cir9BX74Iu0ld
OcV49WJO4tr5swBF/Tgqx/k8dl8gj56g4tq+O+5TZZS42ep0l5JKgbpQtcGtujMZ
CagKnA1+TM53yaSX6CJG/B09PnIUIow3jsx+FQlCUPo1Nl/kDWKLcZ7C9dIHjgaV
Z9SZ5g0nalb5J4BY6wjuq/46FTewOH0bpGj5j992cNYM4aYUBDWvziXnlawuFzrw
/tzA8xO2DUTpNPDdxixVfAIn9cp/VXK1mrj5BEGYXphvog+5E4vGDx9Ejth9qOSl
zf1GlpaiipDI/bUjUz+A664r7/y88ulO8xB0xaANzr3xjwWI5JA=
=sqSC
-----END PGP SIGNATURE-----
| VAR-202301-1717 | CVE-2023-23503 | Vulnerabilities in multiple Apple products |
CVSS V2: - CVSS V3: 5.5 Severity: MEDIUM |
A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3, iOS 15.7.3 and iPadOS 15.7.3, tvOS 16.3, watchOS 9.3. An app may be able to bypass Privacy preferences. iPadOS , iOS , macOS Unspecified vulnerabilities exist in multiple Apple products.Information may be tampered with.
Instructions on how to update your Apple Watch software are available
at https://support.apple.com/kb/HT204641 To check the version on
your Apple Watch, open the Apple Watch app on your iPhone and select
"My Watch > General > About". Alternatively, on your watch, select
"My Watch > General > About". Make sure you have an
Internet connection and have installed the latest version of iTunes
from https://www.apple.com/itunes/ iTunes and Software Update on the
device will automatically check Apple's update server on its weekly
schedule. When an update is detected, it is downloaded and the option
to be installed is presented to the user when the iOS device is
docked. We recommend applying the update immediately if possible.
Selecting Don't Install will present the option the next time you
connect your iOS device. The automatic update process may take up to
a week depending on the day that iTunes or the device checks for
updates. You may manually obtain the update via the Check for Updates
button within iTunes, or the Software Update on your device. To
check that the iPhone, iPod touch, or iPad has been updated: *
Navigate to Settings * Select General * Select About. The version
after applying this update will be "iOS 16.3 and iPadOS 16.3".
Information about the security content is also available at
https://support.apple.com/HT213605.
AppleMobileFileIntegrity
Available for: macOS Ventura
Impact: An app may be able to access user-sensitive data
Description: This issue was addressed by enabling hardened runtime.
CVE-2023-23499: Wojciech Reguła (@_r3ggi) of SecuRing
(wojciechregula.blog)
curl
Available for: macOS Ventura
Impact: Multiple issues in curl
Description: Multiple issues were addressed by updating to curl
version 7.86.0.
CVE-2022-42915
CVE-2022-42916
CVE-2022-32221
CVE-2022-35260
dcerpc
Available for: macOS Ventura
Impact: Mounting a maliciously crafted Samba network share may lead
to arbitrary code execution
Description: A buffer overflow issue was addressed with improved
memory handling.
CVE-2023-23513: Dimitrios Tatsis and Aleksandar Nikolic of Cisco
Talos
DiskArbitration
Available for: macOS Ventura
Impact: An encrypted volume may be unmounted and remounted by a
different user without prompting for the password
Description: A logic issue was addressed with improved state
management.
CVE-2023-23493: Oliver Norpoth (@norpoth) of KLIXX GmbH (klixx.com)
ImageIO
Available for: macOS Ventura
Impact: Processing an image may lead to a denial-of-service
Description: A memory corruption issue was addressed with improved
state management.
CVE-2023-23519: Yiğit Can YILMAZ (@yilmazcanyigit)
Intel Graphics Driver
Available for: macOS Ventura
Impact: An app may be able to execute arbitrary code with kernel
privileges
Description: The issue was addressed with improved bounds checks.
CVE-2023-23507: an anonymous researcher
Kernel
Available for: macOS Ventura
Impact: An app may be able to leak sensitive kernel state
Description: The issue was addressed with improved memory handling.
CVE-2023-23500: Pan ZhenPeng (@Peterpan0927) of STAR Labs SG Pte.
Ltd. (@starlabs_sg)
Kernel
Available for: macOS Ventura
Impact: An app may be able to determine kernel memory layout
Description: An information disclosure issue was addressed by
removing the vulnerable code.
CVE-2023-23502: Pan ZhenPeng (@Peterpan0927) of STAR Labs SG Pte.
Ltd. (@starlabs_sg)
Kernel
Available for: macOS Ventura
Impact: An app may be able to execute arbitrary code with kernel
privileges
Description: The issue was addressed with improved memory handling.
CVE-2023-23504: Adam Doupé of ASU SEFCOM
libxpc
Available for: macOS Ventura
Impact: An app may be able to access user-sensitive data
Description: A permissions issue was addressed with improved
validation.
CVE-2023-23506: Guilherme Rambo of Best Buddy Apps (rambo.codes)
Mail Drafts
Available for: macOS Ventura
Impact: The quoted original message may be selected from the wrong
email when forwarding an email from an Exchange account
Description: A logic issue was addressed with improved state
management.
CVE-2023-23498: an anonymous researcher
Maps
Available for: macOS Ventura
Impact: An app may be able to bypass Privacy preferences
Description: A logic issue was addressed with improved state
management.
CVE-2023-23497: Mickey Jin (@patch1t)
Safari
Available for: macOS Ventura
Impact: An app may be able to access a user’s Safari history
Description: A permissions issue was addressed with improved
validation.
CVE-2023-23510: Guilherme Rambo of Best Buddy Apps (rambo.codes)
Safari
Available for: macOS Ventura
Impact: Visiting a website may lead to an app denial-of-service
Description: The issue was addressed with improved handling of
caches.
CVE-2023-23512: Adriatik Raci
Screen Time
Available for: macOS Ventura
Impact: An app may be able to access information about a user’s
contacts
Description: A privacy issue was addressed with improved private data
redaction for log entries.
CVE-2023-23505: Wojciech Reguła of SecuRing (wojciechregula.blog)
Vim
Available for: macOS Ventura
Impact: Multiple issues in Vim
Description: A use after free issue was addressed with improved
memory management.
CVE-2022-3705
Weather
Available for: macOS Ventura
Impact: An app may be able to bypass Privacy preferences
Description: The issue was addressed with improved memory handling.
CVE-2023-23511: Wojciech Regula of SecuRing (wojciechregula.blog), an
anonymous researcher
WebKit
Available for: macOS Ventura
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: The issue was addressed with improved checks.
WebKit Bugzilla: 245464
CVE-2023-23496: ChengGang Wu, Yan Kang, YuHao Hu, Yue Sun, Jiming
Wang, JiKai Ren and Hang Shu of Institute of Computing Technology,
Chinese Academy of Sciences
WebKit
Available for: macOS Ventura
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: The issue was addressed with improved memory handling.
WebKit Bugzilla: 248268
CVE-2023-23518: YeongHyeon Choi (@hyeon101010), Hyeon Park
(@tree_segment), SeOk JEON (@_seokjeon), YoungSung Ahn (@_ZeroSung),
JunSeo Bae (@snakebjs0107), Dohyun Lee (@l33d0hyun) of Team ApplePIE
WebKit Bugzilla: 248268
CVE-2023-23517: YeongHyeon Choi (@hyeon101010), Hyeon Park
(@tree_segment), SeOk JEON (@_seokjeon), YoungSung Ahn (@_ZeroSung),
JunSeo Bae (@snakebjs0107), Dohyun Lee (@l33d0hyun) of Team ApplePIE
Wi-Fi
Available for: macOS Ventura
Impact: An app may be able to disclose kernel memory
Description: The issue was addressed with improved memory handling.
CVE-2023-23501: Pan ZhenPeng (@Peterpan0927) of STAR Labs SG Pte.
Ltd. (@starlabs_sg)
Windows Installer
Available for: macOS Ventura
Impact: An app may be able to bypass Privacy preferences
Description: The issue was addressed with improved memory handling.
CVE-2023-23508: Mickey Jin (@patch1t)
Additional recognition
Bluetooth
We would like to acknowledge an anonymous researcher for their
assistance.
Kernel
We would like to acknowledge Nick Stenning of Replicate for their
assistance.
Shortcuts
We would like to acknowledge Baibhav Anand Jha from ReconWithMe and
Cristian Dinca of Tudor Vianu National High School of Computer
Science, Romania for their assistance.
WebKit
We would like to acknowledge Eliya Stein of Confiant for their
assistance.
macOS Ventura 13.2 may be obtained from the Mac App Store or Apple's
Software Downloads web site: https://support.apple.com/downloads/
All information is also posted on the Apple Security Updates
web site: https://support.apple.com/en-us/HT201222.
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEBP+4DupqR5Sgt1DB4RjMIDkeNxkFAmPPIl8ACgkQ4RjMIDke
Nxnt7RAA2a0c/Ij93MfR8eiNMkIHVnr+wL+4rckVmHvs85dSHNBqQ8+kYpAs2tEk
7CVZoxAGg8LqVa6ZmBbAp5ZJGi2nV8LjOYzaWw/66d648QC2upTWJ93sWmZ7LlLb
m9pcLfBsdAFPmVa8VJO0fxJGkxsCP0cQiBl+f9R4ObZBBiScbHUckSmHa6Qn/Q2U
VsnHnJznAlDHMXiaV3O1zKBeahkqSx/IfO04qmk8oMWh89hI53S551Z3NEx63zgd
Cx8JENj2NpFlgmZ0w0Tz5ZZ3LT4Ok28ns8N762JLE2nbTfEl7rM+bjUfWg4yJ1Rp
TCEelbLKfUjlrh2N1fe0XWBs9br/069QlhTBBVd/qAbUBxkS/UOlWk3Vp+TI0bkK
rrXouRijzRmBBK93jfWxhyd27avqQHmc04ofjY/lNYOCcGMrr813cGKNs90aRfcg
joKeC51mYJnlTyMB0nDcJx3b5+MN+Ij7Sa04B9dbH162YFxp4LsaavmR0MooN1T9
3XrXEQ71a3pvdoF1ffW9Mz7vaqhBkffnzQwWU5zY2RwDTjFyHdNyI/1JkVzYmAxq
QR4uA5gCDYYk/3rzlrVot+ezHX525clTHsvEYhIfu+i1HCxqdpvfaHbn2m+i1QtU
/Lzz2mySt3y0akZ2rHwPfBZ8UFfvaauyhZ3EhSP3ikGs9DOsv1w=
=pcJ4
-----END PGP SIGNATURE-----
| VAR-202301-1703 | CVE-2023-23517 | Vulnerabilities in multiple Apple products |
CVSS V2: - CVSS V3: 8.8 Severity: HIGH |
The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.6.3, macOS Ventura 13.2, watchOS 9.3, macOS Big Sur 11.7.3, Safari 16.3, tvOS 16.3, iOS 16.3 and iPadOS 16.3. Processing maliciously crafted web content may lead to arbitrary code execution. Safari , iPadOS , iOS Unspecified vulnerabilities exist in multiple Apple products.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state.
For the stable distribution (bullseye), these problems have been fixed in
version 2.38.4-2~deb11u1.
We recommend that you upgrade your webkit2gtk packages.
CVE-2023-23499: Wojciech Reguła (@_r3ggi) of SecuRing
(wojciechregula.blog)
curl
Available for: macOS Big Sur
Impact: Multiple issues in curl
Description: Multiple issues were addressed by updating to curl
version 7.85.0.
Instructions on how to update your Apple Watch software are available
at https://support.apple.com/kb/HT204641 To check the version on
your Apple Watch, open the Apple Watch app on your iPhone and select
"My Watch > General > About". Alternatively, on your watch, select
"My Watch > General > About". -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
APPLE-SA-2023-01-23-1 iOS 16.3 and iPadOS 16.3
iOS 16.3 and iPadOS 16.3 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT213606.
AppleMobileFileIntegrity
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air
3rd generation and later, iPad 5th generation and later, and iPad
mini 5th generation and later
Impact: An app may be able to access user-sensitive data
Description: This issue was addressed by enabling hardened runtime.
CVE-2023-23499: Wojciech Reguła (@_r3ggi) of SecuRing
(wojciechregula.blog)
ImageIO
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air
3rd generation and later, iPad 5th generation and later, and iPad
mini 5th generation and later
Impact: Processing an image may lead to a denial-of-service
Description: A memory corruption issue was addressed with improved
state management.
CVE-2023-23519: Yiğit Can YILMAZ (@yilmazcanyigit)
Kernel
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air
3rd generation and later, iPad 5th generation and later, and iPad
mini 5th generation and later
Impact: An app may be able to leak sensitive kernel state
Description: The issue was addressed with improved memory handling.
CVE-2023-23500: Pan ZhenPeng (@Peterpan0927) of STAR Labs SG Pte.
Ltd. (@starlabs_sg)
Kernel
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air
3rd generation and later, iPad 5th generation and later, and iPad
mini 5th generation and later
Impact: An app may be able to determine kernel memory layout
Description: An information disclosure issue was addressed by
removing the vulnerable code.
CVE-2023-23502: Pan ZhenPeng (@Peterpan0927) of STAR Labs SG Pte.
Ltd. (@starlabs_sg)
Kernel
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air
3rd generation and later, iPad 5th generation and later, and iPad
mini 5th generation and later
Impact: An app may be able to execute arbitrary code with kernel
privileges
Description: The issue was addressed with improved memory handling.
CVE-2023-23504: Adam Doupé of ASU SEFCOM
Mail Drafts
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air
3rd generation and later, iPad 5th generation and later, and iPad
mini 5th generation and later
Impact: The quoted original message may be selected from the wrong
email when forwarding an email from an Exchange account
Description: A logic issue was addressed with improved state
management.
CVE-2023-23498: an anonymous researcher
Maps
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air
3rd generation and later, iPad 5th generation and later, and iPad
mini 5th generation and later
Impact: An app may be able to bypass Privacy preferences
Description: A logic issue was addressed with improved state
management.
CVE-2023-23503: an anonymous researcher
Safari
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air
3rd generation and later, iPad 5th generation and later, and iPad
mini 5th generation and later
Impact: Visiting a website may lead to an app denial-of-service
Description: The issue was addressed with improved handling of
caches.
CVE-2023-23512: Adriatik Raci
Screen Time
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air
3rd generation and later, iPad 5th generation and later, and iPad
mini 5th generation and later
Impact: An app may be able to access information about a user’s
contacts
Description: A privacy issue was addressed with improved private data
redaction for log entries.
CVE-2023-23505: Wojciech Reguła of SecuRing (wojciechregula.blog)
Weather
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air
3rd generation and later, iPad 5th generation and later, and iPad
mini 5th generation and later
Impact: An app may be able to bypass Privacy preferences
Description: The issue was addressed with improved memory handling.
CVE-2023-23511: Wojciech Regula of SecuRing (wojciechregula.blog), an
anonymous researcher
WebKit
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air
3rd generation and later, iPad 5th generation and later, and iPad
mini 5th generation and later
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: The issue was addressed with improved checks.
WebKit Bugzilla: 245464
CVE-2023-23496: ChengGang Wu, Yan Kang, YuHao Hu, Yue Sun, Jiming
Wang, JiKai Ren and Hang Shu of Institute of Computing Technology,
Chinese Academy of Sciences
WebKit
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air
3rd generation and later, iPad 5th generation and later, and iPad
mini 5th generation and later
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: The issue was addressed with improved memory handling.
WebKit Bugzilla: 248268
CVE-2023-23518: YeongHyeon Choi (@hyeon101010), Hyeon Park
(@tree_segment), SeOk JEON (@_seokjeon), YoungSung Ahn (@_ZeroSung),
JunSeo Bae (@snakebjs0107), Dohyun Lee (@l33d0hyun) of Team ApplePIE
WebKit Bugzilla: 248268
CVE-2023-23517: YeongHyeon Choi (@hyeon101010), Hyeon Park
(@tree_segment), SeOk JEON (@_seokjeon), YoungSung Ahn (@_ZeroSung),
JunSeo Bae (@snakebjs0107), Dohyun Lee (@l33d0hyun) of Team ApplePIE
Additional recognition
Kernel
We would like to acknowledge Nick Stenning of Replicate for their
assistance.
Shortcuts
We would like to acknowledge Baibhav Anand Jha from ReconWithMe and
Cristian Dinca of Tudor Vianu National High School of Computer
Science, Romania for their assistance.
WebKit
We would like to acknowledge Eliya Stein of Confiant for their
assistance.
This update is available through iTunes and Software Update on your
iOS device, and will not appear in your computer's Software Update
application, or in the Apple Downloads site. Make sure you have an
Internet connection and have installed the latest version of iTunes
from https://www.apple.com/itunes/ iTunes and Software Update on the
device will automatically check Apple's update server on its weekly
schedule. When an update is detected, it is downloaded and the option
to be installed is presented to the user when the iOS device is
docked. We recommend applying the update immediately if possible.
Selecting Don't Install will present the option the next time you
connect your iOS device. The automatic update process may take up to
a week depending on the day that iTunes or the device checks for
updates. You may manually obtain the update via the Check for Updates
button within iTunes, or the Software Update on your device. To
check that the iPhone, iPod touch, or iPad has been updated: *
Navigate to Settings * Select General * Select About. The version
after applying this update will be "iOS 16.3 and iPadOS 16.3".
All information is also posted on the Apple Security Updates
web site: https://support.apple.com/en-us/HT201222.
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEBP+4DupqR5Sgt1DB4RjMIDkeNxkFAmPPIl4ACgkQ4RjMIDke
NxniSRAAoaTuBBV5jk91bJapaGf/pqZV+h9vAV9B7sHzBRaJRq5fnoEm+Kdg6fS4
XZtTWhB9NXekrujHVMZC/AvboChvc94r1/qoF6vhVu1YYaDJkryFMlX4lbk5Jz7h
k3gXHCpdARbburX46g0Fi9M6bL6dzG/6f4LG9L27dno5G/lcjHY9ylSnHHwuFcva
7kH2os9FmD3JMiopLwNKymfN1Z5AgC9TrDfztOcUChULBSxtx3eOP1+HWbpuQ6go
vnEzAnnpoBl09f7EMfgGu4FpZiThsfFUCXNkdl23E+i8PrdRWW17Nqoqrnvb74pF
jWOaelBBCdNee7TpfgfkGKT/PVADdoLdYmB5tqowvNWBfJ7ymB0Cir9BX74Iu0ld
OcV49WJO4tr5swBF/Tgqx/k8dl8gj56g4tq+O+5TZZS42ep0l5JKgbpQtcGtujMZ
CagKnA1+TM53yaSX6CJG/B09PnIUIow3jsx+FQlCUPo1Nl/kDWKLcZ7C9dIHjgaV
Z9SZ5g0nalb5J4BY6wjuq/46FTewOH0bpGj5j992cNYM4aYUBDWvziXnlawuFzrw
/tzA8xO2DUTpNPDdxixVfAIn9cp/VXK1mrj5BEGYXphvog+5E4vGDx9Ejth9qOSl
zf1GlpaiipDI/bUjUz+A664r7/y88ulO8xB0xaANzr3xjwWI5JA=
=sqSC
-----END PGP SIGNATURE-----
.
Safari 16.3 may be obtained from the Mac App Store. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 202305-32
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: High
Title: WebKitGTK+: Multiple Vulnerabilities
Date: May 30, 2023
Bugs: #871732, #879571, #888563, #905346, #905349, #905351
ID: 202305-32
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
=======
Multiple vulnerabilities have been found in WebkitGTK+, the worst of
which could result in arbitrary code execution.
Affected packages
================
Package Vulnerable Unaffected
------------------- ------------ ------------
net-libs/webkit-gtk < 2.40.1 >= 2.40.1
Description
==========
Multiple vulnerabilities have been discovered in WebKitGTK+. Please
review the CVE identifiers referenced below for details.
Impact
=====
Please review the referenced CVE identifiers for details.
Workaround
=========
There is no known workaround at this time.
Resolution
=========
All WebKitGTK+ users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-libs/webkit-gtk-2.40.1"
References
=========
[ 1 ] CVE-2022-32885
https://nvd.nist.gov/vuln/detail/CVE-2022-32885
[ 2 ] CVE-2022-32886
https://nvd.nist.gov/vuln/detail/CVE-2022-32886
[ 3 ] CVE-2022-32888
https://nvd.nist.gov/vuln/detail/CVE-2022-32888
[ 4 ] CVE-2022-32891
https://nvd.nist.gov/vuln/detail/CVE-2022-32891
[ 5 ] CVE-2022-32923
https://nvd.nist.gov/vuln/detail/CVE-2022-32923
[ 6 ] CVE-2022-42799
https://nvd.nist.gov/vuln/detail/CVE-2022-42799
[ 7 ] CVE-2022-42823
https://nvd.nist.gov/vuln/detail/CVE-2022-42823
[ 8 ] CVE-2022-42824
https://nvd.nist.gov/vuln/detail/CVE-2022-42824
[ 9 ] CVE-2022-42826
https://nvd.nist.gov/vuln/detail/CVE-2022-42826
[ 10 ] CVE-2022-42852
https://nvd.nist.gov/vuln/detail/CVE-2022-42852
[ 11 ] CVE-2022-42856
https://nvd.nist.gov/vuln/detail/CVE-2022-42856
[ 12 ] CVE-2022-42863
https://nvd.nist.gov/vuln/detail/CVE-2022-42863
[ 13 ] CVE-2022-42867
https://nvd.nist.gov/vuln/detail/CVE-2022-42867
[ 14 ] CVE-2022-46691
https://nvd.nist.gov/vuln/detail/CVE-2022-46691
[ 15 ] CVE-2022-46692
https://nvd.nist.gov/vuln/detail/CVE-2022-46692
[ 16 ] CVE-2022-46698
https://nvd.nist.gov/vuln/detail/CVE-2022-46698
[ 17 ] CVE-2022-46699
https://nvd.nist.gov/vuln/detail/CVE-2022-46699
[ 18 ] CVE-2022-46700
https://nvd.nist.gov/vuln/detail/CVE-2022-46700
[ 19 ] CVE-2023-23517
https://nvd.nist.gov/vuln/detail/CVE-2023-23517
[ 20 ] CVE-2023-23518
https://nvd.nist.gov/vuln/detail/CVE-2023-23518
[ 21 ] CVE-2023-23529
https://nvd.nist.gov/vuln/detail/CVE-2023-23529
[ 22 ] CVE-2023-25358
https://nvd.nist.gov/vuln/detail/CVE-2023-25358
[ 23 ] CVE-2023-25360
https://nvd.nist.gov/vuln/detail/CVE-2023-25360
[ 24 ] CVE-2023-25361
https://nvd.nist.gov/vuln/detail/CVE-2023-25361
[ 25 ] CVE-2023-25362
https://nvd.nist.gov/vuln/detail/CVE-2023-25362
[ 26 ] CVE-2023-25363
https://nvd.nist.gov/vuln/detail/CVE-2023-25363
[ 27 ] CVE-2023-27932
https://nvd.nist.gov/vuln/detail/CVE-2023-27932
[ 28 ] CVE-2023-27954
https://nvd.nist.gov/vuln/detail/CVE-2023-27954
[ 29 ] CVE-2023-28205
https://nvd.nist.gov/vuln/detail/CVE-2023-28205
[ 30 ] WSA-2022-0009
https://webkitgtk.org/security/WSA-2022-0009.html
[ 31 ] WSA-2022-0010
https://webkitgtk.org/security/WSA-2022-0010.html
[ 32 ] WSA-2023-0001
https://webkitgtk.org/security/WSA-2023-0001.html
[ 33 ] WSA-2023-0002
https://webkitgtk.org/security/WSA-2023-0002.html
[ 34 ] WSA-2023-0003
https://webkitgtk.org/security/WSA-2023-0003.html
Availability
===========
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
https://security.gentoo.org/glsa/202305-32
Concerns?
========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
======
Copyright 2023 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
https://creativecommons.org/licenses/by-sa/2.5
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
====================================================================
Red Hat Security Advisory
Synopsis: Important: webkit2gtk3 security and bug fix update
Advisory ID: RHSA-2023:2256-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2023:2256
Issue date: 2023-05-09
CVE Names: CVE-2022-32886 CVE-2022-32888 CVE-2022-32923
CVE-2022-42799 CVE-2022-42823 CVE-2022-42824
CVE-2022-42826 CVE-2022-42852 CVE-2022-42863
CVE-2022-42867 CVE-2022-46691 CVE-2022-46692
CVE-2022-46698 CVE-2022-46699 CVE-2022-46700
CVE-2023-23517 CVE-2023-23518 CVE-2023-25358
CVE-2023-25360 CVE-2023-25361 CVE-2023-25362
CVE-2023-25363
====================================================================
1. Summary:
An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section. Relevant releases/architectures:
Red Hat Enterprise Linux AppStream (v. 9) - aarch64, ppc64le, s390x, x86_64
3. Description:
WebKitGTK is the port of the portable web rendering engine WebKit to the
GTK platform.
Additional Changes:
For detailed information on changes in this release, see the Red Hat
Enterprise Linux 9.2 Release Notes linked from the References section. Solution:
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
5. Package List:
Red Hat Enterprise Linux AppStream (v. 9):
Source:
webkit2gtk3-2.38.5-1.el9.src.rpm
aarch64:
webkit2gtk3-2.38.5-1.el9.aarch64.rpm
webkit2gtk3-debuginfo-2.38.5-1.el9.aarch64.rpm
webkit2gtk3-debugsource-2.38.5-1.el9.aarch64.rpm
webkit2gtk3-devel-2.38.5-1.el9.aarch64.rpm
webkit2gtk3-devel-debuginfo-2.38.5-1.el9.aarch64.rpm
webkit2gtk3-jsc-2.38.5-1.el9.aarch64.rpm
webkit2gtk3-jsc-debuginfo-2.38.5-1.el9.aarch64.rpm
webkit2gtk3-jsc-devel-2.38.5-1.el9.aarch64.rpm
webkit2gtk3-jsc-devel-debuginfo-2.38.5-1.el9.aarch64.rpm
ppc64le:
webkit2gtk3-2.38.5-1.el9.ppc64le.rpm
webkit2gtk3-debuginfo-2.38.5-1.el9.ppc64le.rpm
webkit2gtk3-debugsource-2.38.5-1.el9.ppc64le.rpm
webkit2gtk3-devel-2.38.5-1.el9.ppc64le.rpm
webkit2gtk3-devel-debuginfo-2.38.5-1.el9.ppc64le.rpm
webkit2gtk3-jsc-2.38.5-1.el9.ppc64le.rpm
webkit2gtk3-jsc-debuginfo-2.38.5-1.el9.ppc64le.rpm
webkit2gtk3-jsc-devel-2.38.5-1.el9.ppc64le.rpm
webkit2gtk3-jsc-devel-debuginfo-2.38.5-1.el9.ppc64le.rpm
s390x:
webkit2gtk3-2.38.5-1.el9.s390x.rpm
webkit2gtk3-debuginfo-2.38.5-1.el9.s390x.rpm
webkit2gtk3-debugsource-2.38.5-1.el9.s390x.rpm
webkit2gtk3-devel-2.38.5-1.el9.s390x.rpm
webkit2gtk3-devel-debuginfo-2.38.5-1.el9.s390x.rpm
webkit2gtk3-jsc-2.38.5-1.el9.s390x.rpm
webkit2gtk3-jsc-debuginfo-2.38.5-1.el9.s390x.rpm
webkit2gtk3-jsc-devel-2.38.5-1.el9.s390x.rpm
webkit2gtk3-jsc-devel-debuginfo-2.38.5-1.el9.s390x.rpm
x86_64:
webkit2gtk3-2.38.5-1.el9.i686.rpm
webkit2gtk3-2.38.5-1.el9.x86_64.rpm
webkit2gtk3-debuginfo-2.38.5-1.el9.i686.rpm
webkit2gtk3-debuginfo-2.38.5-1.el9.x86_64.rpm
webkit2gtk3-debugsource-2.38.5-1.el9.i686.rpm
webkit2gtk3-debugsource-2.38.5-1.el9.x86_64.rpm
webkit2gtk3-devel-2.38.5-1.el9.i686.rpm
webkit2gtk3-devel-2.38.5-1.el9.x86_64.rpm
webkit2gtk3-devel-debuginfo-2.38.5-1.el9.i686.rpm
webkit2gtk3-devel-debuginfo-2.38.5-1.el9.x86_64.rpm
webkit2gtk3-jsc-2.38.5-1.el9.i686.rpm
webkit2gtk3-jsc-2.38.5-1.el9.x86_64.rpm
webkit2gtk3-jsc-debuginfo-2.38.5-1.el9.i686.rpm
webkit2gtk3-jsc-debuginfo-2.38.5-1.el9.x86_64.rpm
webkit2gtk3-jsc-devel-2.38.5-1.el9.i686.rpm
webkit2gtk3-jsc-devel-2.38.5-1.el9.x86_64.rpm
webkit2gtk3-jsc-devel-debuginfo-2.38.5-1.el9.i686.rpm
webkit2gtk3-jsc-devel-debuginfo-2.38.5-1.el9.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2022-32886
https://access.redhat.com/security/cve/CVE-2022-32888
https://access.redhat.com/security/cve/CVE-2022-32923
https://access.redhat.com/security/cve/CVE-2022-42799
https://access.redhat.com/security/cve/CVE-2022-42823
https://access.redhat.com/security/cve/CVE-2022-42824
https://access.redhat.com/security/cve/CVE-2022-42826
https://access.redhat.com/security/cve/CVE-2022-42852
https://access.redhat.com/security/cve/CVE-2022-42863
https://access.redhat.com/security/cve/CVE-2022-42867
https://access.redhat.com/security/cve/CVE-2022-46691
https://access.redhat.com/security/cve/CVE-2022-46692
https://access.redhat.com/security/cve/CVE-2022-46698
https://access.redhat.com/security/cve/CVE-2022-46699
https://access.redhat.com/security/cve/CVE-2022-46700
https://access.redhat.com/security/cve/CVE-2023-23517
https://access.redhat.com/security/cve/CVE-2023-23518
https://access.redhat.com/security/cve/CVE-2023-25358
https://access.redhat.com/security/cve/CVE-2023-25360
https://access.redhat.com/security/cve/CVE-2023-25361
https://access.redhat.com/security/cve/CVE-2023-25362
https://access.redhat.com/security/cve/CVE-2023-25363
https://access.redhat.com/security/updates/classification/#important
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/9.2_release_notes/index
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2023 Red Hat, Inc
| VAR-202301-1715 | CVE-2023-23519 | Out-of-bounds write vulnerability in multiple Apple products |
CVSS V2: - CVSS V3: 7.5 Severity: HIGH |
A memory corruption issue was addressed with improved state management. This issue is fixed in watchOS 9.3, tvOS 16.3, macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3. Processing an image may lead to a denial-of-service. iPadOS , iOS , macOS Multiple Apple products have an out-of-bounds write vulnerability.Service operation interruption (DoS) It may be in a state. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Apple macOS. Interaction with the ImageIO framework is required to exploit this vulnerability but attack vectors may vary depending on the implementation.The specific flaw exists within the ImageIO framework. Crafted data in a KTX image can trigger a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process.
Instructions on how to update your Apple Watch software are available
at https://support.apple.com/kb/HT204641 To check the version on
your Apple Watch, open the Apple Watch app on your iPhone and select
"My Watch > General > About". Alternatively, on your watch, select
"My Watch > General > About". -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
APPLE-SA-2023-01-23-1 iOS 16.3 and iPadOS 16.3
iOS 16.3 and iPadOS 16.3 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT213606.
AppleMobileFileIntegrity
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air
3rd generation and later, iPad 5th generation and later, and iPad
mini 5th generation and later
Impact: An app may be able to access user-sensitive data
Description: This issue was addressed by enabling hardened runtime.
CVE-2023-23499: Wojciech Reguła (@_r3ggi) of SecuRing
(wojciechregula.blog)
ImageIO
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air
3rd generation and later, iPad 5th generation and later, and iPad
mini 5th generation and later
Impact: Processing an image may lead to a denial-of-service
Description: A memory corruption issue was addressed with improved
state management.
CVE-2023-23519: Yiğit Can YILMAZ (@yilmazcanyigit)
Kernel
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air
3rd generation and later, iPad 5th generation and later, and iPad
mini 5th generation and later
Impact: An app may be able to leak sensitive kernel state
Description: The issue was addressed with improved memory handling.
CVE-2023-23500: Pan ZhenPeng (@Peterpan0927) of STAR Labs SG Pte.
Ltd. (@starlabs_sg)
Kernel
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air
3rd generation and later, iPad 5th generation and later, and iPad
mini 5th generation and later
Impact: An app may be able to determine kernel memory layout
Description: An information disclosure issue was addressed by
removing the vulnerable code.
CVE-2023-23502: Pan ZhenPeng (@Peterpan0927) of STAR Labs SG Pte.
Ltd. (@starlabs_sg)
Kernel
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air
3rd generation and later, iPad 5th generation and later, and iPad
mini 5th generation and later
Impact: An app may be able to execute arbitrary code with kernel
privileges
Description: The issue was addressed with improved memory handling.
CVE-2023-23504: Adam Doupé of ASU SEFCOM
Mail Drafts
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air
3rd generation and later, iPad 5th generation and later, and iPad
mini 5th generation and later
Impact: The quoted original message may be selected from the wrong
email when forwarding an email from an Exchange account
Description: A logic issue was addressed with improved state
management.
CVE-2023-23498: an anonymous researcher
Maps
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air
3rd generation and later, iPad 5th generation and later, and iPad
mini 5th generation and later
Impact: An app may be able to bypass Privacy preferences
Description: A logic issue was addressed with improved state
management.
CVE-2023-23503: an anonymous researcher
Safari
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air
3rd generation and later, iPad 5th generation and later, and iPad
mini 5th generation and later
Impact: Visiting a website may lead to an app denial-of-service
Description: The issue was addressed with improved handling of
caches.
CVE-2023-23512: Adriatik Raci
Screen Time
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air
3rd generation and later, iPad 5th generation and later, and iPad
mini 5th generation and later
Impact: An app may be able to access information about a user’s
contacts
Description: A privacy issue was addressed with improved private data
redaction for log entries.
CVE-2023-23505: Wojciech Reguła of SecuRing (wojciechregula.blog)
Weather
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air
3rd generation and later, iPad 5th generation and later, and iPad
mini 5th generation and later
Impact: An app may be able to bypass Privacy preferences
Description: The issue was addressed with improved memory handling.
CVE-2023-23511: Wojciech Regula of SecuRing (wojciechregula.blog), an
anonymous researcher
WebKit
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air
3rd generation and later, iPad 5th generation and later, and iPad
mini 5th generation and later
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: The issue was addressed with improved checks.
WebKit Bugzilla: 245464
CVE-2023-23496: ChengGang Wu, Yan Kang, YuHao Hu, Yue Sun, Jiming
Wang, JiKai Ren and Hang Shu of Institute of Computing Technology,
Chinese Academy of Sciences
WebKit
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air
3rd generation and later, iPad 5th generation and later, and iPad
mini 5th generation and later
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: The issue was addressed with improved memory handling.
WebKit Bugzilla: 248268
CVE-2023-23518: YeongHyeon Choi (@hyeon101010), Hyeon Park
(@tree_segment), SeOk JEON (@_seokjeon), YoungSung Ahn (@_ZeroSung),
JunSeo Bae (@snakebjs0107), Dohyun Lee (@l33d0hyun) of Team ApplePIE
WebKit Bugzilla: 248268
CVE-2023-23517: YeongHyeon Choi (@hyeon101010), Hyeon Park
(@tree_segment), SeOk JEON (@_seokjeon), YoungSung Ahn (@_ZeroSung),
JunSeo Bae (@snakebjs0107), Dohyun Lee (@l33d0hyun) of Team ApplePIE
Additional recognition
Kernel
We would like to acknowledge Nick Stenning of Replicate for their
assistance.
Shortcuts
We would like to acknowledge Baibhav Anand Jha from ReconWithMe and
Cristian Dinca of Tudor Vianu National High School of Computer
Science, Romania for their assistance.
WebKit
We would like to acknowledge Eliya Stein of Confiant for their
assistance.
This update is available through iTunes and Software Update on your
iOS device, and will not appear in your computer's Software Update
application, or in the Apple Downloads site. Make sure you have an
Internet connection and have installed the latest version of iTunes
from https://www.apple.com/itunes/ iTunes and Software Update on the
device will automatically check Apple's update server on its weekly
schedule. When an update is detected, it is downloaded and the option
to be installed is presented to the user when the iOS device is
docked. We recommend applying the update immediately if possible.
Selecting Don't Install will present the option the next time you
connect your iOS device. The automatic update process may take up to
a week depending on the day that iTunes or the device checks for
updates. You may manually obtain the update via the Check for Updates
button within iTunes, or the Software Update on your device. To
check that the iPhone, iPod touch, or iPad has been updated: *
Navigate to Settings * Select General * Select About. The version
after applying this update will be "iOS 16.3 and iPadOS 16.3".
All information is also posted on the Apple Security Updates
web site: https://support.apple.com/en-us/HT201222.
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEBP+4DupqR5Sgt1DB4RjMIDkeNxkFAmPPIl4ACgkQ4RjMIDke
NxniSRAAoaTuBBV5jk91bJapaGf/pqZV+h9vAV9B7sHzBRaJRq5fnoEm+Kdg6fS4
XZtTWhB9NXekrujHVMZC/AvboChvc94r1/qoF6vhVu1YYaDJkryFMlX4lbk5Jz7h
k3gXHCpdARbburX46g0Fi9M6bL6dzG/6f4LG9L27dno5G/lcjHY9ylSnHHwuFcva
7kH2os9FmD3JMiopLwNKymfN1Z5AgC9TrDfztOcUChULBSxtx3eOP1+HWbpuQ6go
vnEzAnnpoBl09f7EMfgGu4FpZiThsfFUCXNkdl23E+i8PrdRWW17Nqoqrnvb74pF
jWOaelBBCdNee7TpfgfkGKT/PVADdoLdYmB5tqowvNWBfJ7ymB0Cir9BX74Iu0ld
OcV49WJO4tr5swBF/Tgqx/k8dl8gj56g4tq+O+5TZZS42ep0l5JKgbpQtcGtujMZ
CagKnA1+TM53yaSX6CJG/B09PnIUIow3jsx+FQlCUPo1Nl/kDWKLcZ7C9dIHjgaV
Z9SZ5g0nalb5J4BY6wjuq/46FTewOH0bpGj5j992cNYM4aYUBDWvziXnlawuFzrw
/tzA8xO2DUTpNPDdxixVfAIn9cp/VXK1mrj5BEGYXphvog+5E4vGDx9Ejth9qOSl
zf1GlpaiipDI/bUjUz+A664r7/y88ulO8xB0xaANzr3xjwWI5JA=
=sqSC
-----END PGP SIGNATURE-----
| VAR-202301-1711 | CVE-2023-23511 | Vulnerabilities in multiple Apple products |
CVSS V2: - CVSS V3: 5.5 Severity: MEDIUM |
The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.6.3, macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3, tvOS 16.3, watchOS 9.3. An app may be able to bypass Privacy preferences. iPadOS , iOS , macOS Unspecified vulnerabilities exist in multiple Apple products.Information may be tampered with.
Instructions on how to update your Apple Watch software are available
at https://support.apple.com/kb/HT204641 To check the version on
your Apple Watch, open the Apple Watch app on your iPhone and select
"My Watch > General > About". Alternatively, on your watch, select
"My Watch > General > About". -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
APPLE-SA-2023-01-23-1 iOS 16.3 and iPadOS 16.3
iOS 16.3 and iPadOS 16.3 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT213606.
AppleMobileFileIntegrity
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air
3rd generation and later, iPad 5th generation and later, and iPad
mini 5th generation and later
Impact: An app may be able to access user-sensitive data
Description: This issue was addressed by enabling hardened runtime.
CVE-2023-23499: Wojciech Reguła (@_r3ggi) of SecuRing
(wojciechregula.blog)
ImageIO
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air
3rd generation and later, iPad 5th generation and later, and iPad
mini 5th generation and later
Impact: Processing an image may lead to a denial-of-service
Description: A memory corruption issue was addressed with improved
state management.
CVE-2023-23519: Yiğit Can YILMAZ (@yilmazcanyigit)
Kernel
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air
3rd generation and later, iPad 5th generation and later, and iPad
mini 5th generation and later
Impact: An app may be able to leak sensitive kernel state
Description: The issue was addressed with improved memory handling.
CVE-2023-23500: Pan ZhenPeng (@Peterpan0927) of STAR Labs SG Pte.
Ltd. (@starlabs_sg)
Kernel
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air
3rd generation and later, iPad 5th generation and later, and iPad
mini 5th generation and later
Impact: An app may be able to determine kernel memory layout
Description: An information disclosure issue was addressed by
removing the vulnerable code.
CVE-2023-23502: Pan ZhenPeng (@Peterpan0927) of STAR Labs SG Pte.
Ltd. (@starlabs_sg)
Kernel
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air
3rd generation and later, iPad 5th generation and later, and iPad
mini 5th generation and later
Impact: An app may be able to execute arbitrary code with kernel
privileges
Description: The issue was addressed with improved memory handling.
CVE-2023-23504: Adam Doupé of ASU SEFCOM
Mail Drafts
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air
3rd generation and later, iPad 5th generation and later, and iPad
mini 5th generation and later
Impact: The quoted original message may be selected from the wrong
email when forwarding an email from an Exchange account
Description: A logic issue was addressed with improved state
management.
CVE-2023-23498: an anonymous researcher
Maps
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air
3rd generation and later, iPad 5th generation and later, and iPad
mini 5th generation and later
Impact: An app may be able to bypass Privacy preferences
Description: A logic issue was addressed with improved state
management.
CVE-2023-23503: an anonymous researcher
Safari
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air
3rd generation and later, iPad 5th generation and later, and iPad
mini 5th generation and later
Impact: Visiting a website may lead to an app denial-of-service
Description: The issue was addressed with improved handling of
caches.
CVE-2023-23512: Adriatik Raci
Screen Time
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air
3rd generation and later, iPad 5th generation and later, and iPad
mini 5th generation and later
Impact: An app may be able to access information about a user’s
contacts
Description: A privacy issue was addressed with improved private data
redaction for log entries.
CVE-2023-23505: Wojciech Reguła of SecuRing (wojciechregula.blog)
Weather
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air
3rd generation and later, iPad 5th generation and later, and iPad
mini 5th generation and later
Impact: An app may be able to bypass Privacy preferences
Description: The issue was addressed with improved memory handling.
CVE-2023-23511: Wojciech Regula of SecuRing (wojciechregula.blog), an
anonymous researcher
WebKit
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air
3rd generation and later, iPad 5th generation and later, and iPad
mini 5th generation and later
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: The issue was addressed with improved checks.
WebKit Bugzilla: 245464
CVE-2023-23496: ChengGang Wu, Yan Kang, YuHao Hu, Yue Sun, Jiming
Wang, JiKai Ren and Hang Shu of Institute of Computing Technology,
Chinese Academy of Sciences
WebKit
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air
3rd generation and later, iPad 5th generation and later, and iPad
mini 5th generation and later
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: The issue was addressed with improved memory handling.
WebKit Bugzilla: 248268
CVE-2023-23518: YeongHyeon Choi (@hyeon101010), Hyeon Park
(@tree_segment), SeOk JEON (@_seokjeon), YoungSung Ahn (@_ZeroSung),
JunSeo Bae (@snakebjs0107), Dohyun Lee (@l33d0hyun) of Team ApplePIE
WebKit Bugzilla: 248268
CVE-2023-23517: YeongHyeon Choi (@hyeon101010), Hyeon Park
(@tree_segment), SeOk JEON (@_seokjeon), YoungSung Ahn (@_ZeroSung),
JunSeo Bae (@snakebjs0107), Dohyun Lee (@l33d0hyun) of Team ApplePIE
Additional recognition
Kernel
We would like to acknowledge Nick Stenning of Replicate for their
assistance.
Shortcuts
We would like to acknowledge Baibhav Anand Jha from ReconWithMe and
Cristian Dinca of Tudor Vianu National High School of Computer
Science, Romania for their assistance.
WebKit
We would like to acknowledge Eliya Stein of Confiant for their
assistance.
This update is available through iTunes and Software Update on your
iOS device, and will not appear in your computer's Software Update
application, or in the Apple Downloads site. Make sure you have an
Internet connection and have installed the latest version of iTunes
from https://www.apple.com/itunes/ iTunes and Software Update on the
device will automatically check Apple's update server on its weekly
schedule. When an update is detected, it is downloaded and the option
to be installed is presented to the user when the iOS device is
docked. We recommend applying the update immediately if possible.
Selecting Don't Install will present the option the next time you
connect your iOS device. The automatic update process may take up to
a week depending on the day that iTunes or the device checks for
updates. You may manually obtain the update via the Check for Updates
button within iTunes, or the Software Update on your device. To
check that the iPhone, iPod touch, or iPad has been updated: *
Navigate to Settings * Select General * Select About. The version
after applying this update will be "iOS 16.3 and iPadOS 16.3".
All information is also posted on the Apple Security Updates
web site: https://support.apple.com/en-us/HT201222.
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEBP+4DupqR5Sgt1DB4RjMIDkeNxkFAmPPIl4ACgkQ4RjMIDke
NxniSRAAoaTuBBV5jk91bJapaGf/pqZV+h9vAV9B7sHzBRaJRq5fnoEm+Kdg6fS4
XZtTWhB9NXekrujHVMZC/AvboChvc94r1/qoF6vhVu1YYaDJkryFMlX4lbk5Jz7h
k3gXHCpdARbburX46g0Fi9M6bL6dzG/6f4LG9L27dno5G/lcjHY9ylSnHHwuFcva
7kH2os9FmD3JMiopLwNKymfN1Z5AgC9TrDfztOcUChULBSxtx3eOP1+HWbpuQ6go
vnEzAnnpoBl09f7EMfgGu4FpZiThsfFUCXNkdl23E+i8PrdRWW17Nqoqrnvb74pF
jWOaelBBCdNee7TpfgfkGKT/PVADdoLdYmB5tqowvNWBfJ7ymB0Cir9BX74Iu0ld
OcV49WJO4tr5swBF/Tgqx/k8dl8gj56g4tq+O+5TZZS42ep0l5JKgbpQtcGtujMZ
CagKnA1+TM53yaSX6CJG/B09PnIUIow3jsx+FQlCUPo1Nl/kDWKLcZ7C9dIHjgaV
Z9SZ5g0nalb5J4BY6wjuq/46FTewOH0bpGj5j992cNYM4aYUBDWvziXnlawuFzrw
/tzA8xO2DUTpNPDdxixVfAIn9cp/VXK1mrj5BEGYXphvog+5E4vGDx9Ejth9qOSl
zf1GlpaiipDI/bUjUz+A664r7/y88ulO8xB0xaANzr3xjwWI5JA=
=sqSC
-----END PGP SIGNATURE-----
| VAR-202301-1718 | CVE-2023-23518 | Vulnerabilities in multiple Apple products |
CVSS V2: - CVSS V3: 8.8 Severity: HIGH |
The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.6.3, macOS Ventura 13.2, watchOS 9.3, macOS Big Sur 11.7.3, Safari 16.3, tvOS 16.3, iOS 16.3 and iPadOS 16.3. Processing maliciously crafted web content may lead to arbitrary code execution. Safari , iPadOS , iOS Unspecified vulnerabilities exist in multiple Apple products.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state.
For the stable distribution (bullseye), these problems have been fixed in
version 2.38.4-1~deb11u1.
We recommend that you upgrade your wpewebkit packages.
CVE-2023-23499: Wojciech Reguła (@_r3ggi) of SecuRing
(wojciechregula.blog)
curl
Available for: macOS Big Sur
Impact: Multiple issues in curl
Description: Multiple issues were addressed by updating to curl
version 7.85.0. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
APPLE-SA-2023-01-23-7 watchOS 9.3
watchOS 9.3 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT213599.
AppleMobileFileIntegrity
Available for: Apple Watch Series 4 and later
Impact: An app may be able to access user-sensitive data
Description: This issue was addressed by enabling hardened runtime.
CVE-2023-23499: Wojciech Regula of SecuRing (wojciechregula.blog)
ImageIO
Available for: Apple Watch Series 4 and later
Impact: Processing an image may lead to a denial-of-service
Description: A memory corruption issue was addressed with improved
state management.
CVE-2023-23519: Yiğit Can YILMAZ (@yilmazcanyigit)
Kernel
Available for: Apple Watch Series 4 and later
Impact: An app may be able to leak sensitive kernel state
Description: The issue was addressed with improved memory handling.
CVE-2023-23500: Pan ZhenPeng (@Peterpan0927) of STAR Labs SG Pte.
Ltd. (@starlabs_sg)
Kernel
Available for: Apple Watch Series 4 and later
Impact: An app may be able to determine kernel memory layout
Description: An information disclosure issue was addressed by
removing the vulnerable code.
CVE-2023-23502: Pan ZhenPeng (@Peterpan0927) of STAR Labs SG Pte.
Ltd. (@starlabs_sg)
Kernel
Available for: Apple Watch Series 4 and later
Impact: An app may be able to execute arbitrary code with kernel
privileges
Description: The issue was addressed with improved memory handling.
CVE-2023-23504: Adam Doupé of ASU SEFCOM
Maps
Available for: Apple Watch Series 4 and later
Impact: An app may be able to bypass Privacy preferences
Description: A logic issue was addressed with improved state
management.
CVE-2023-23503: an anonymous researcher
Safari
Available for: Apple Watch Series 4 and later
Impact: Visiting a website may lead to an app denial-of-service
Description: The issue was addressed with improved handling of
caches.
CVE-2023-23512: Adriatik Raci
Screen Time
Available for: Apple Watch Series 4 and later
Impact: An app may be able to access information about a user’s
contacts
Description: A privacy issue was addressed with improved private data
redaction for log entries.
CVE-2023-23505: Wojciech Reguła of SecuRing (wojciechregula.blog)
Weather
Available for: Apple Watch Series 4 and later
Impact: An app may be able to bypass Privacy preferences
Description: The issue was addressed with improved memory handling.
WebKit Bugzilla: 245464
CVE-2023-23496: ChengGang Wu, Yan Kang, YuHao Hu, Yue Sun, Jiming
Wang, JiKai Ren and Hang Shu of Institute of Computing Technology,
Chinese Academy of Sciences
WebKit
Available for: Apple Watch Series 4 and later
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: The issue was addressed with improved memory handling.
WebKit Bugzilla: 248268
CVE-2023-23518: YeongHyeon Choi (@hyeon101010), Hyeon Park
(@tree_segment), SeOk JEON (@_seokjeon), YoungSung Ahn (@_ZeroSung),
JunSeo Bae (@snakebjs0107), Dohyun Lee (@l33d0hyun) of Team ApplePIE
WebKit Bugzilla: 248268
CVE-2023-23517: YeongHyeon Choi (@hyeon101010), Hyeon Park
(@tree_segment), SeOk JEON (@_seokjeon), YoungSung Ahn (@_ZeroSung),
JunSeo Bae (@snakebjs0107), Dohyun Lee (@l33d0hyun) of Team ApplePIE
Additional recognition
Kernel
We would like to acknowledge Nick Stenning of Replicate for their
assistance.
WebKit
We would like to acknowledge Eliya Stein of Confiant for their
assistance.
Instructions on how to update your Apple Watch software are available
at https://support.apple.com/kb/HT204641 To check the version on
your Apple Watch, open the Apple Watch app on your iPhone and select
"My Watch > General > About". Alternatively, on your watch, select
"My Watch > General > About".
All information is also posted on the Apple Security Updates
web site: https://support.apple.com/en-us/HT201222.
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEBP+4DupqR5Sgt1DB4RjMIDkeNxkFAmPPImAACgkQ4RjMIDke
NxlPXQ//eXfTfjIg6Y/1b0u3+Ht29Qjn7kw6Gh296lh6jlGatQ8zXyk1dGl6MKcp
ZTc7DFfL1VUN6MovOqW5qcR+MIV6hDiUd54ncDgjCXdHrtTG+bYchX5CJf5IIb67
gZP/2bBt4PQ+PHm3KqXPp7QauJWYD1d7AHChwqEbYchHxvgedB7Pu6nJvG3bnFmh
8ny/xrFEhtIDahw4MbicvK847aVpXyH6NxEoRY+8b9/4VocttfUPwMkGZTkVt/tz
9qfmKgjWpX2mTP9iaLlZdCUV/I4HcjTW0/nkDoaTBVDLW96DSeIo4nMM3qkcygRl
TPVlvm+3Nenib1b6PZ71B26IJbmGdwR02SEpUPDDXbTGZeWmcyXe7ncvwSIbcGRI
sPGMq6mEPi+rKTXKZeqPSDFnUlZJna2aNg9fPL9AZ1gwfNSbuhh5ZKQ9AAWA+k51
4QtoReAKUXinl8vr7BNVQSJSiZLMdgph4nCTYk1RA/VHDPjwaAJehDFUqKKKTuvp
h59J8OSw0HaWP2NcMEglO4/EXj09E3gfveQ74KtG+eDbBMKa+RArIgOZZaDOk2F1
6Fs316bNBI9tMxP34gFEvexTTBuQpoR/76pSQajlaSdas5Jeub2QeJVHkBPMdatD
HBbjpZhu4JcYqDVSDt58Ra5IsaM+OLkhvvCfi+UYxOiyZis3gn8=
=/vLS
-----END PGP SIGNATURE-----
. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 202305-32
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: High
Title: WebKitGTK+: Multiple Vulnerabilities
Date: May 30, 2023
Bugs: #871732, #879571, #888563, #905346, #905349, #905351
ID: 202305-32
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Synopsis
=======
Multiple vulnerabilities have been found in WebkitGTK+, the worst of
which could result in arbitrary code execution.
Affected packages
================
Package Vulnerable Unaffected
------------------- ------------ ------------
net-libs/webkit-gtk < 2.40.1 >= 2.40.1
Description
==========
Multiple vulnerabilities have been discovered in WebKitGTK+. Please
review the CVE identifiers referenced below for details.
Impact
=====
Please review the referenced CVE identifiers for details.
Workaround
=========
There is no known workaround at this time.
Resolution
=========
All WebKitGTK+ users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-libs/webkit-gtk-2.40.1"
References
=========
[ 1 ] CVE-2022-32885
https://nvd.nist.gov/vuln/detail/CVE-2022-32885
[ 2 ] CVE-2022-32886
https://nvd.nist.gov/vuln/detail/CVE-2022-32886
[ 3 ] CVE-2022-32888
https://nvd.nist.gov/vuln/detail/CVE-2022-32888
[ 4 ] CVE-2022-32891
https://nvd.nist.gov/vuln/detail/CVE-2022-32891
[ 5 ] CVE-2022-32923
https://nvd.nist.gov/vuln/detail/CVE-2022-32923
[ 6 ] CVE-2022-42799
https://nvd.nist.gov/vuln/detail/CVE-2022-42799
[ 7 ] CVE-2022-42823
https://nvd.nist.gov/vuln/detail/CVE-2022-42823
[ 8 ] CVE-2022-42824
https://nvd.nist.gov/vuln/detail/CVE-2022-42824
[ 9 ] CVE-2022-42826
https://nvd.nist.gov/vuln/detail/CVE-2022-42826
[ 10 ] CVE-2022-42852
https://nvd.nist.gov/vuln/detail/CVE-2022-42852
[ 11 ] CVE-2022-42856
https://nvd.nist.gov/vuln/detail/CVE-2022-42856
[ 12 ] CVE-2022-42863
https://nvd.nist.gov/vuln/detail/CVE-2022-42863
[ 13 ] CVE-2022-42867
https://nvd.nist.gov/vuln/detail/CVE-2022-42867
[ 14 ] CVE-2022-46691
https://nvd.nist.gov/vuln/detail/CVE-2022-46691
[ 15 ] CVE-2022-46692
https://nvd.nist.gov/vuln/detail/CVE-2022-46692
[ 16 ] CVE-2022-46698
https://nvd.nist.gov/vuln/detail/CVE-2022-46698
[ 17 ] CVE-2022-46699
https://nvd.nist.gov/vuln/detail/CVE-2022-46699
[ 18 ] CVE-2022-46700
https://nvd.nist.gov/vuln/detail/CVE-2022-46700
[ 19 ] CVE-2023-23517
https://nvd.nist.gov/vuln/detail/CVE-2023-23517
[ 20 ] CVE-2023-23518
https://nvd.nist.gov/vuln/detail/CVE-2023-23518
[ 21 ] CVE-2023-23529
https://nvd.nist.gov/vuln/detail/CVE-2023-23529
[ 22 ] CVE-2023-25358
https://nvd.nist.gov/vuln/detail/CVE-2023-25358
[ 23 ] CVE-2023-25360
https://nvd.nist.gov/vuln/detail/CVE-2023-25360
[ 24 ] CVE-2023-25361
https://nvd.nist.gov/vuln/detail/CVE-2023-25361
[ 25 ] CVE-2023-25362
https://nvd.nist.gov/vuln/detail/CVE-2023-25362
[ 26 ] CVE-2023-25363
https://nvd.nist.gov/vuln/detail/CVE-2023-25363
[ 27 ] CVE-2023-27932
https://nvd.nist.gov/vuln/detail/CVE-2023-27932
[ 28 ] CVE-2023-27954
https://nvd.nist.gov/vuln/detail/CVE-2023-27954
[ 29 ] CVE-2023-28205
https://nvd.nist.gov/vuln/detail/CVE-2023-28205
[ 30 ] WSA-2022-0009
https://webkitgtk.org/security/WSA-2022-0009.html
[ 31 ] WSA-2022-0010
https://webkitgtk.org/security/WSA-2022-0010.html
[ 32 ] WSA-2023-0001
https://webkitgtk.org/security/WSA-2023-0001.html
[ 33 ] WSA-2023-0002
https://webkitgtk.org/security/WSA-2023-0002.html
[ 34 ] WSA-2023-0003
https://webkitgtk.org/security/WSA-2023-0003.html
Availability
===========
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:
https://security.gentoo.org/glsa/202305-32
Concerns?
========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.
License
======
Copyright 2023 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).
The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.
https://creativecommons.org/licenses/by-sa/2.5
. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
====================================================================
Red Hat Security Advisory
Synopsis: Important: webkit2gtk3 security and bug fix update
Advisory ID: RHSA-2023:2256-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2023:2256
Issue date: 2023-05-09
CVE Names: CVE-2022-32886 CVE-2022-32888 CVE-2022-32923
CVE-2022-42799 CVE-2022-42823 CVE-2022-42824
CVE-2022-42826 CVE-2022-42852 CVE-2022-42863
CVE-2022-42867 CVE-2022-46691 CVE-2022-46692
CVE-2022-46698 CVE-2022-46699 CVE-2022-46700
CVE-2023-23517 CVE-2023-23518 CVE-2023-25358
CVE-2023-25360 CVE-2023-25361 CVE-2023-25362
CVE-2023-25363
====================================================================
1. Summary:
An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section. Relevant releases/architectures:
Red Hat Enterprise Linux AppStream (v. 9) - aarch64, ppc64le, s390x, x86_64
3. Description:
WebKitGTK is the port of the portable web rendering engine WebKit to the
GTK platform.
Additional Changes:
For detailed information on changes in this release, see the Red Hat
Enterprise Linux 9.2 Release Notes linked from the References section. Solution:
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
5. Package List:
Red Hat Enterprise Linux AppStream (v. 9):
Source:
webkit2gtk3-2.38.5-1.el9.src.rpm
aarch64:
webkit2gtk3-2.38.5-1.el9.aarch64.rpm
webkit2gtk3-debuginfo-2.38.5-1.el9.aarch64.rpm
webkit2gtk3-debugsource-2.38.5-1.el9.aarch64.rpm
webkit2gtk3-devel-2.38.5-1.el9.aarch64.rpm
webkit2gtk3-devel-debuginfo-2.38.5-1.el9.aarch64.rpm
webkit2gtk3-jsc-2.38.5-1.el9.aarch64.rpm
webkit2gtk3-jsc-debuginfo-2.38.5-1.el9.aarch64.rpm
webkit2gtk3-jsc-devel-2.38.5-1.el9.aarch64.rpm
webkit2gtk3-jsc-devel-debuginfo-2.38.5-1.el9.aarch64.rpm
ppc64le:
webkit2gtk3-2.38.5-1.el9.ppc64le.rpm
webkit2gtk3-debuginfo-2.38.5-1.el9.ppc64le.rpm
webkit2gtk3-debugsource-2.38.5-1.el9.ppc64le.rpm
webkit2gtk3-devel-2.38.5-1.el9.ppc64le.rpm
webkit2gtk3-devel-debuginfo-2.38.5-1.el9.ppc64le.rpm
webkit2gtk3-jsc-2.38.5-1.el9.ppc64le.rpm
webkit2gtk3-jsc-debuginfo-2.38.5-1.el9.ppc64le.rpm
webkit2gtk3-jsc-devel-2.38.5-1.el9.ppc64le.rpm
webkit2gtk3-jsc-devel-debuginfo-2.38.5-1.el9.ppc64le.rpm
s390x:
webkit2gtk3-2.38.5-1.el9.s390x.rpm
webkit2gtk3-debuginfo-2.38.5-1.el9.s390x.rpm
webkit2gtk3-debugsource-2.38.5-1.el9.s390x.rpm
webkit2gtk3-devel-2.38.5-1.el9.s390x.rpm
webkit2gtk3-devel-debuginfo-2.38.5-1.el9.s390x.rpm
webkit2gtk3-jsc-2.38.5-1.el9.s390x.rpm
webkit2gtk3-jsc-debuginfo-2.38.5-1.el9.s390x.rpm
webkit2gtk3-jsc-devel-2.38.5-1.el9.s390x.rpm
webkit2gtk3-jsc-devel-debuginfo-2.38.5-1.el9.s390x.rpm
x86_64:
webkit2gtk3-2.38.5-1.el9.i686.rpm
webkit2gtk3-2.38.5-1.el9.x86_64.rpm
webkit2gtk3-debuginfo-2.38.5-1.el9.i686.rpm
webkit2gtk3-debuginfo-2.38.5-1.el9.x86_64.rpm
webkit2gtk3-debugsource-2.38.5-1.el9.i686.rpm
webkit2gtk3-debugsource-2.38.5-1.el9.x86_64.rpm
webkit2gtk3-devel-2.38.5-1.el9.i686.rpm
webkit2gtk3-devel-2.38.5-1.el9.x86_64.rpm
webkit2gtk3-devel-debuginfo-2.38.5-1.el9.i686.rpm
webkit2gtk3-devel-debuginfo-2.38.5-1.el9.x86_64.rpm
webkit2gtk3-jsc-2.38.5-1.el9.i686.rpm
webkit2gtk3-jsc-2.38.5-1.el9.x86_64.rpm
webkit2gtk3-jsc-debuginfo-2.38.5-1.el9.i686.rpm
webkit2gtk3-jsc-debuginfo-2.38.5-1.el9.x86_64.rpm
webkit2gtk3-jsc-devel-2.38.5-1.el9.i686.rpm
webkit2gtk3-jsc-devel-2.38.5-1.el9.x86_64.rpm
webkit2gtk3-jsc-devel-debuginfo-2.38.5-1.el9.i686.rpm
webkit2gtk3-jsc-devel-debuginfo-2.38.5-1.el9.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2022-32886
https://access.redhat.com/security/cve/CVE-2022-32888
https://access.redhat.com/security/cve/CVE-2022-32923
https://access.redhat.com/security/cve/CVE-2022-42799
https://access.redhat.com/security/cve/CVE-2022-42823
https://access.redhat.com/security/cve/CVE-2022-42824
https://access.redhat.com/security/cve/CVE-2022-42826
https://access.redhat.com/security/cve/CVE-2022-42852
https://access.redhat.com/security/cve/CVE-2022-42863
https://access.redhat.com/security/cve/CVE-2022-42867
https://access.redhat.com/security/cve/CVE-2022-46691
https://access.redhat.com/security/cve/CVE-2022-46692
https://access.redhat.com/security/cve/CVE-2022-46698
https://access.redhat.com/security/cve/CVE-2022-46699
https://access.redhat.com/security/cve/CVE-2022-46700
https://access.redhat.com/security/cve/CVE-2023-23517
https://access.redhat.com/security/cve/CVE-2023-23518
https://access.redhat.com/security/cve/CVE-2023-25358
https://access.redhat.com/security/cve/CVE-2023-25360
https://access.redhat.com/security/cve/CVE-2023-25361
https://access.redhat.com/security/cve/CVE-2023-25362
https://access.redhat.com/security/cve/CVE-2023-25363
https://access.redhat.com/security/updates/classification/#important
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/9.2_release_notes/index
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2023 Red Hat, Inc
| VAR-202301-1706 | CVE-2023-23500 | Vulnerabilities in multiple Apple products |
CVSS V2: - CVSS V3: 5.5 Severity: MEDIUM |
The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3, iOS 15.7.3 and iPadOS 15.7.3, tvOS 16.3, watchOS 9.3. An app may be able to leak sensitive kernel state. iPadOS , iOS , macOS Unspecified vulnerabilities exist in multiple Apple products.Information may be obtained.
Instructions on how to update your Apple Watch software are available
at https://support.apple.com/kb/HT204641 To check the version on
your Apple Watch, open the Apple Watch app on your iPhone and select
"My Watch > General > About". Alternatively, on your watch, select
"My Watch > General > About". Make sure you have an
Internet connection and have installed the latest version of iTunes
from https://www.apple.com/itunes/ iTunes and Software Update on the
device will automatically check Apple's update server on its weekly
schedule. When an update is detected, it is downloaded and the option
to be installed is presented to the user when the iOS device is
docked. We recommend applying the update immediately if possible.
Selecting Don't Install will present the option the next time you
connect your iOS device. The automatic update process may take up to
a week depending on the day that iTunes or the device checks for
updates. You may manually obtain the update via the Check for Updates
button within iTunes, or the Software Update on your device. To
check that the iPhone, iPod touch, or iPad has been updated: *
Navigate to Settings * Select General * Select About. The version
after applying this update will be "iOS 16.3 and iPadOS 16.3".
Information about the security content is also available at
https://support.apple.com/HT213605.
AppleMobileFileIntegrity
Available for: macOS Ventura
Impact: An app may be able to access user-sensitive data
Description: This issue was addressed by enabling hardened runtime.
CVE-2023-23499: Wojciech Reguła (@_r3ggi) of SecuRing
(wojciechregula.blog)
curl
Available for: macOS Ventura
Impact: Multiple issues in curl
Description: Multiple issues were addressed by updating to curl
version 7.86.0.
CVE-2022-42915
CVE-2022-42916
CVE-2022-32221
CVE-2022-35260
dcerpc
Available for: macOS Ventura
Impact: Mounting a maliciously crafted Samba network share may lead
to arbitrary code execution
Description: A buffer overflow issue was addressed with improved
memory handling.
CVE-2023-23513: Dimitrios Tatsis and Aleksandar Nikolic of Cisco
Talos
DiskArbitration
Available for: macOS Ventura
Impact: An encrypted volume may be unmounted and remounted by a
different user without prompting for the password
Description: A logic issue was addressed with improved state
management.
CVE-2023-23493: Oliver Norpoth (@norpoth) of KLIXX GmbH (klixx.com)
ImageIO
Available for: macOS Ventura
Impact: Processing an image may lead to a denial-of-service
Description: A memory corruption issue was addressed with improved
state management.
CVE-2023-23519: Yiğit Can YILMAZ (@yilmazcanyigit)
Intel Graphics Driver
Available for: macOS Ventura
Impact: An app may be able to execute arbitrary code with kernel
privileges
Description: The issue was addressed with improved bounds checks.
CVE-2023-23500: Pan ZhenPeng (@Peterpan0927) of STAR Labs SG Pte.
Ltd. (@starlabs_sg)
Kernel
Available for: macOS Ventura
Impact: An app may be able to determine kernel memory layout
Description: An information disclosure issue was addressed by
removing the vulnerable code.
CVE-2023-23502: Pan ZhenPeng (@Peterpan0927) of STAR Labs SG Pte.
Ltd. (@starlabs_sg)
Kernel
Available for: macOS Ventura
Impact: An app may be able to execute arbitrary code with kernel
privileges
Description: The issue was addressed with improved memory handling.
CVE-2023-23504: Adam Doupé of ASU SEFCOM
libxpc
Available for: macOS Ventura
Impact: An app may be able to access user-sensitive data
Description: A permissions issue was addressed with improved
validation.
CVE-2023-23506: Guilherme Rambo of Best Buddy Apps (rambo.codes)
Mail Drafts
Available for: macOS Ventura
Impact: The quoted original message may be selected from the wrong
email when forwarding an email from an Exchange account
Description: A logic issue was addressed with improved state
management.
CVE-2023-23498: an anonymous researcher
Maps
Available for: macOS Ventura
Impact: An app may be able to bypass Privacy preferences
Description: A logic issue was addressed with improved state
management.
CVE-2023-23503: an anonymous researcher
PackageKit
Available for: macOS Ventura
Impact: An app may be able to gain root privileges
Description: A logic issue was addressed with improved state
management.
CVE-2023-23497: Mickey Jin (@patch1t)
Safari
Available for: macOS Ventura
Impact: An app may be able to access a user’s Safari history
Description: A permissions issue was addressed with improved
validation.
CVE-2023-23510: Guilherme Rambo of Best Buddy Apps (rambo.codes)
Safari
Available for: macOS Ventura
Impact: Visiting a website may lead to an app denial-of-service
Description: The issue was addressed with improved handling of
caches.
CVE-2023-23512: Adriatik Raci
Screen Time
Available for: macOS Ventura
Impact: An app may be able to access information about a user’s
contacts
Description: A privacy issue was addressed with improved private data
redaction for log entries.
CVE-2023-23505: Wojciech Reguła of SecuRing (wojciechregula.blog)
Vim
Available for: macOS Ventura
Impact: Multiple issues in Vim
Description: A use after free issue was addressed with improved
memory management.
CVE-2022-3705
Weather
Available for: macOS Ventura
Impact: An app may be able to bypass Privacy preferences
Description: The issue was addressed with improved memory handling.
CVE-2023-23511: Wojciech Regula of SecuRing (wojciechregula.blog), an
anonymous researcher
WebKit
Available for: macOS Ventura
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: The issue was addressed with improved checks.
WebKit Bugzilla: 245464
CVE-2023-23496: ChengGang Wu, Yan Kang, YuHao Hu, Yue Sun, Jiming
Wang, JiKai Ren and Hang Shu of Institute of Computing Technology,
Chinese Academy of Sciences
WebKit
Available for: macOS Ventura
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: The issue was addressed with improved memory handling.
WebKit Bugzilla: 248268
CVE-2023-23518: YeongHyeon Choi (@hyeon101010), Hyeon Park
(@tree_segment), SeOk JEON (@_seokjeon), YoungSung Ahn (@_ZeroSung),
JunSeo Bae (@snakebjs0107), Dohyun Lee (@l33d0hyun) of Team ApplePIE
WebKit Bugzilla: 248268
CVE-2023-23517: YeongHyeon Choi (@hyeon101010), Hyeon Park
(@tree_segment), SeOk JEON (@_seokjeon), YoungSung Ahn (@_ZeroSung),
JunSeo Bae (@snakebjs0107), Dohyun Lee (@l33d0hyun) of Team ApplePIE
Wi-Fi
Available for: macOS Ventura
Impact: An app may be able to disclose kernel memory
Description: The issue was addressed with improved memory handling.
CVE-2023-23501: Pan ZhenPeng (@Peterpan0927) of STAR Labs SG Pte.
Ltd. (@starlabs_sg)
Windows Installer
Available for: macOS Ventura
Impact: An app may be able to bypass Privacy preferences
Description: The issue was addressed with improved memory handling.
CVE-2023-23508: Mickey Jin (@patch1t)
Additional recognition
Bluetooth
We would like to acknowledge an anonymous researcher for their
assistance.
Kernel
We would like to acknowledge Nick Stenning of Replicate for their
assistance.
Shortcuts
We would like to acknowledge Baibhav Anand Jha from ReconWithMe and
Cristian Dinca of Tudor Vianu National High School of Computer
Science, Romania for their assistance.
WebKit
We would like to acknowledge Eliya Stein of Confiant for their
assistance.
macOS Ventura 13.2 may be obtained from the Mac App Store or Apple's
Software Downloads web site: https://support.apple.com/downloads/
All information is also posted on the Apple Security Updates
web site: https://support.apple.com/en-us/HT201222.
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEBP+4DupqR5Sgt1DB4RjMIDkeNxkFAmPPIl8ACgkQ4RjMIDke
Nxnt7RAA2a0c/Ij93MfR8eiNMkIHVnr+wL+4rckVmHvs85dSHNBqQ8+kYpAs2tEk
7CVZoxAGg8LqVa6ZmBbAp5ZJGi2nV8LjOYzaWw/66d648QC2upTWJ93sWmZ7LlLb
m9pcLfBsdAFPmVa8VJO0fxJGkxsCP0cQiBl+f9R4ObZBBiScbHUckSmHa6Qn/Q2U
VsnHnJznAlDHMXiaV3O1zKBeahkqSx/IfO04qmk8oMWh89hI53S551Z3NEx63zgd
Cx8JENj2NpFlgmZ0w0Tz5ZZ3LT4Ok28ns8N762JLE2nbTfEl7rM+bjUfWg4yJ1Rp
TCEelbLKfUjlrh2N1fe0XWBs9br/069QlhTBBVd/qAbUBxkS/UOlWk3Vp+TI0bkK
rrXouRijzRmBBK93jfWxhyd27avqQHmc04ofjY/lNYOCcGMrr813cGKNs90aRfcg
joKeC51mYJnlTyMB0nDcJx3b5+MN+Ij7Sa04B9dbH162YFxp4LsaavmR0MooN1T9
3XrXEQ71a3pvdoF1ffW9Mz7vaqhBkffnzQwWU5zY2RwDTjFyHdNyI/1JkVzYmAxq
QR4uA5gCDYYk/3rzlrVot+ezHX525clTHsvEYhIfu+i1HCxqdpvfaHbn2m+i1QtU
/Lzz2mySt3y0akZ2rHwPfBZ8UFfvaauyhZ3EhSP3ikGs9DOsv1w=
=pcJ4
-----END PGP SIGNATURE-----
| VAR-202301-1710 | CVE-2023-23504 | Vulnerabilities in multiple Apple products |
CVSS V2: - CVSS V3: 7.8 Severity: HIGH |
The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.6.3, macOS Ventura 13.2, watchOS 9.3, iOS 15.7.3 and iPadOS 15.7.3, tvOS 16.3, iOS 16.3 and iPadOS 16.3. An app may be able to execute arbitrary code with kernel privileges. iPadOS , iOS , macOS Unspecified vulnerabilities exist in multiple Apple products.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state.
Instructions on how to update your Apple Watch software are available
at https://support.apple.com/kb/HT204641 To check the version on
your Apple Watch, open the Apple Watch app on your iPhone and select
"My Watch > General > About". Alternatively, on your watch, select
"My Watch > General > About". -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
APPLE-SA-2023-01-23-1 iOS 16.3 and iPadOS 16.3
iOS 16.3 and iPadOS 16.3 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT213606.
AppleMobileFileIntegrity
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air
3rd generation and later, iPad 5th generation and later, and iPad
mini 5th generation and later
Impact: An app may be able to access user-sensitive data
Description: This issue was addressed by enabling hardened runtime.
CVE-2023-23499: Wojciech Reguła (@_r3ggi) of SecuRing
(wojciechregula.blog)
ImageIO
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air
3rd generation and later, iPad 5th generation and later, and iPad
mini 5th generation and later
Impact: Processing an image may lead to a denial-of-service
Description: A memory corruption issue was addressed with improved
state management.
CVE-2023-23519: Yiğit Can YILMAZ (@yilmazcanyigit)
Kernel
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air
3rd generation and later, iPad 5th generation and later, and iPad
mini 5th generation and later
Impact: An app may be able to leak sensitive kernel state
Description: The issue was addressed with improved memory handling.
CVE-2023-23500: Pan ZhenPeng (@Peterpan0927) of STAR Labs SG Pte.
Ltd. (@starlabs_sg)
Kernel
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air
3rd generation and later, iPad 5th generation and later, and iPad
mini 5th generation and later
Impact: An app may be able to determine kernel memory layout
Description: An information disclosure issue was addressed by
removing the vulnerable code.
CVE-2023-23502: Pan ZhenPeng (@Peterpan0927) of STAR Labs SG Pte.
Ltd. (@starlabs_sg)
Kernel
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air
3rd generation and later, iPad 5th generation and later, and iPad
mini 5th generation and later
Impact: An app may be able to execute arbitrary code with kernel
privileges
Description: The issue was addressed with improved memory handling.
CVE-2023-23504: Adam Doupé of ASU SEFCOM
Mail Drafts
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air
3rd generation and later, iPad 5th generation and later, and iPad
mini 5th generation and later
Impact: The quoted original message may be selected from the wrong
email when forwarding an email from an Exchange account
Description: A logic issue was addressed with improved state
management.
CVE-2023-23498: an anonymous researcher
Maps
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air
3rd generation and later, iPad 5th generation and later, and iPad
mini 5th generation and later
Impact: An app may be able to bypass Privacy preferences
Description: A logic issue was addressed with improved state
management.
CVE-2023-23503: an anonymous researcher
Safari
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air
3rd generation and later, iPad 5th generation and later, and iPad
mini 5th generation and later
Impact: Visiting a website may lead to an app denial-of-service
Description: The issue was addressed with improved handling of
caches.
CVE-2023-23512: Adriatik Raci
Screen Time
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air
3rd generation and later, iPad 5th generation and later, and iPad
mini 5th generation and later
Impact: An app may be able to access information about a user’s
contacts
Description: A privacy issue was addressed with improved private data
redaction for log entries.
CVE-2023-23505: Wojciech Reguła of SecuRing (wojciechregula.blog)
Weather
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air
3rd generation and later, iPad 5th generation and later, and iPad
mini 5th generation and later
Impact: An app may be able to bypass Privacy preferences
Description: The issue was addressed with improved memory handling.
CVE-2023-23511: Wojciech Regula of SecuRing (wojciechregula.blog), an
anonymous researcher
WebKit
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air
3rd generation and later, iPad 5th generation and later, and iPad
mini 5th generation and later
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: The issue was addressed with improved checks.
WebKit Bugzilla: 245464
CVE-2023-23496: ChengGang Wu, Yan Kang, YuHao Hu, Yue Sun, Jiming
Wang, JiKai Ren and Hang Shu of Institute of Computing Technology,
Chinese Academy of Sciences
WebKit
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air
3rd generation and later, iPad 5th generation and later, and iPad
mini 5th generation and later
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: The issue was addressed with improved memory handling.
WebKit Bugzilla: 248268
CVE-2023-23518: YeongHyeon Choi (@hyeon101010), Hyeon Park
(@tree_segment), SeOk JEON (@_seokjeon), YoungSung Ahn (@_ZeroSung),
JunSeo Bae (@snakebjs0107), Dohyun Lee (@l33d0hyun) of Team ApplePIE
WebKit Bugzilla: 248268
CVE-2023-23517: YeongHyeon Choi (@hyeon101010), Hyeon Park
(@tree_segment), SeOk JEON (@_seokjeon), YoungSung Ahn (@_ZeroSung),
JunSeo Bae (@snakebjs0107), Dohyun Lee (@l33d0hyun) of Team ApplePIE
Additional recognition
Kernel
We would like to acknowledge Nick Stenning of Replicate for their
assistance.
Shortcuts
We would like to acknowledge Baibhav Anand Jha from ReconWithMe and
Cristian Dinca of Tudor Vianu National High School of Computer
Science, Romania for their assistance.
WebKit
We would like to acknowledge Eliya Stein of Confiant for their
assistance.
This update is available through iTunes and Software Update on your
iOS device, and will not appear in your computer's Software Update
application, or in the Apple Downloads site. Make sure you have an
Internet connection and have installed the latest version of iTunes
from https://www.apple.com/itunes/ iTunes and Software Update on the
device will automatically check Apple's update server on its weekly
schedule. When an update is detected, it is downloaded and the option
to be installed is presented to the user when the iOS device is
docked. We recommend applying the update immediately if possible.
Selecting Don't Install will present the option the next time you
connect your iOS device. The automatic update process may take up to
a week depending on the day that iTunes or the device checks for
updates. You may manually obtain the update via the Check for Updates
button within iTunes, or the Software Update on your device. To
check that the iPhone, iPod touch, or iPad has been updated: *
Navigate to Settings * Select General * Select About. The version
after applying this update will be "iOS 16.3 and iPadOS 16.3".
All information is also posted on the Apple Security Updates
web site: https://support.apple.com/en-us/HT201222.
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEBP+4DupqR5Sgt1DB4RjMIDkeNxkFAmPPIl4ACgkQ4RjMIDke
NxniSRAAoaTuBBV5jk91bJapaGf/pqZV+h9vAV9B7sHzBRaJRq5fnoEm+Kdg6fS4
XZtTWhB9NXekrujHVMZC/AvboChvc94r1/qoF6vhVu1YYaDJkryFMlX4lbk5Jz7h
k3gXHCpdARbburX46g0Fi9M6bL6dzG/6f4LG9L27dno5G/lcjHY9ylSnHHwuFcva
7kH2os9FmD3JMiopLwNKymfN1Z5AgC9TrDfztOcUChULBSxtx3eOP1+HWbpuQ6go
vnEzAnnpoBl09f7EMfgGu4FpZiThsfFUCXNkdl23E+i8PrdRWW17Nqoqrnvb74pF
jWOaelBBCdNee7TpfgfkGKT/PVADdoLdYmB5tqowvNWBfJ7ymB0Cir9BX74Iu0ld
OcV49WJO4tr5swBF/Tgqx/k8dl8gj56g4tq+O+5TZZS42ep0l5JKgbpQtcGtujMZ
CagKnA1+TM53yaSX6CJG/B09PnIUIow3jsx+FQlCUPo1Nl/kDWKLcZ7C9dIHjgaV
Z9SZ5g0nalb5J4BY6wjuq/46FTewOH0bpGj5j992cNYM4aYUBDWvziXnlawuFzrw
/tzA8xO2DUTpNPDdxixVfAIn9cp/VXK1mrj5BEGYXphvog+5E4vGDx9Ejth9qOSl
zf1GlpaiipDI/bUjUz+A664r7/y88ulO8xB0xaANzr3xjwWI5JA=
=sqSC
-----END PGP SIGNATURE-----
| VAR-202301-1722 | CVE-2023-23499 | Vulnerabilities in multiple Apple products |
CVSS V2: - CVSS V3: 5.5 Severity: MEDIUM |
This issue was addressed by enabling hardened runtime. This issue is fixed in macOS Monterey 12.6.3, macOS Ventura 13.2, watchOS 9.3, macOS Big Sur 11.7.3, tvOS 16.3, iOS 16.3 and iPadOS 16.3. An app may be able to access user-sensitive data. iPadOS , iOS , macOS Unspecified vulnerabilities exist in multiple Apple products.Information may be obtained.
Instructions on how to update your Apple Watch software are available
at https://support.apple.com/kb/HT204641 To check the version on
your Apple Watch, open the Apple Watch app on your iPhone and select
"My Watch > General > About". Alternatively, on your watch, select
"My Watch > General > About". Make sure you have an
Internet connection and have installed the latest version of iTunes
from https://www.apple.com/itunes/ iTunes and Software Update on the
device will automatically check Apple's update server on its weekly
schedule. When an update is detected, it is downloaded and the option
to be installed is presented to the user when the iOS device is
docked. We recommend applying the update immediately if possible.
Selecting Don't Install will present the option the next time you
connect your iOS device. The automatic update process may take up to
a week depending on the day that iTunes or the device checks for
updates. You may manually obtain the update via the Check for Updates
button within iTunes, or the Software Update on your device. To
check that the iPhone, iPod touch, or iPad has been updated: *
Navigate to Settings * Select General * Select About. The version
after applying this update will be "iOS 16.3 and iPadOS 16.3". -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
APPLE-SA-2023-01-23-4 macOS Ventura 13.2
macOS Ventura 13.2 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT213605.
CVE-2023-23499: Wojciech Reguła (@_r3ggi) of SecuRing
(wojciechregula.blog)
curl
Available for: macOS Ventura
Impact: Multiple issues in curl
Description: Multiple issues were addressed by updating to curl
version 7.86.0.
CVE-2022-42915
CVE-2022-42916
CVE-2022-32221
CVE-2022-35260
dcerpc
Available for: macOS Ventura
Impact: Mounting a maliciously crafted Samba network share may lead
to arbitrary code execution
Description: A buffer overflow issue was addressed with improved
memory handling.
CVE-2023-23513: Dimitrios Tatsis and Aleksandar Nikolic of Cisco
Talos
DiskArbitration
Available for: macOS Ventura
Impact: An encrypted volume may be unmounted and remounted by a
different user without prompting for the password
Description: A logic issue was addressed with improved state
management.
CVE-2023-23493: Oliver Norpoth (@norpoth) of KLIXX GmbH (klixx.com)
ImageIO
Available for: macOS Ventura
Impact: Processing an image may lead to a denial-of-service
Description: A memory corruption issue was addressed with improved
state management.
CVE-2023-23519: Yiğit Can YILMAZ (@yilmazcanyigit)
Intel Graphics Driver
Available for: macOS Ventura
Impact: An app may be able to execute arbitrary code with kernel
privileges
Description: The issue was addressed with improved bounds checks.
CVE-2023-23507: an anonymous researcher
Kernel
Available for: macOS Ventura
Impact: An app may be able to leak sensitive kernel state
Description: The issue was addressed with improved memory handling.
CVE-2023-23500: Pan ZhenPeng (@Peterpan0927) of STAR Labs SG Pte.
Ltd. (@starlabs_sg)
Kernel
Available for: macOS Ventura
Impact: An app may be able to determine kernel memory layout
Description: An information disclosure issue was addressed by
removing the vulnerable code.
CVE-2023-23502: Pan ZhenPeng (@Peterpan0927) of STAR Labs SG Pte.
Ltd. (@starlabs_sg)
Kernel
Available for: macOS Ventura
Impact: An app may be able to execute arbitrary code with kernel
privileges
Description: The issue was addressed with improved memory handling.
CVE-2023-23504: Adam Doupé of ASU SEFCOM
libxpc
Available for: macOS Ventura
Impact: An app may be able to access user-sensitive data
Description: A permissions issue was addressed with improved
validation.
CVE-2023-23506: Guilherme Rambo of Best Buddy Apps (rambo.codes)
Mail Drafts
Available for: macOS Ventura
Impact: The quoted original message may be selected from the wrong
email when forwarding an email from an Exchange account
Description: A logic issue was addressed with improved state
management.
CVE-2023-23498: an anonymous researcher
Maps
Available for: macOS Ventura
Impact: An app may be able to bypass Privacy preferences
Description: A logic issue was addressed with improved state
management.
CVE-2023-23503: an anonymous researcher
PackageKit
Available for: macOS Ventura
Impact: An app may be able to gain root privileges
Description: A logic issue was addressed with improved state
management.
CVE-2023-23497: Mickey Jin (@patch1t)
Safari
Available for: macOS Ventura
Impact: An app may be able to access a user’s Safari history
Description: A permissions issue was addressed with improved
validation.
CVE-2023-23510: Guilherme Rambo of Best Buddy Apps (rambo.codes)
Safari
Available for: macOS Ventura
Impact: Visiting a website may lead to an app denial-of-service
Description: The issue was addressed with improved handling of
caches.
CVE-2023-23512: Adriatik Raci
Screen Time
Available for: macOS Ventura
Impact: An app may be able to access information about a user’s
contacts
Description: A privacy issue was addressed with improved private data
redaction for log entries.
CVE-2023-23505: Wojciech Reguła of SecuRing (wojciechregula.blog)
Vim
Available for: macOS Ventura
Impact: Multiple issues in Vim
Description: A use after free issue was addressed with improved
memory management.
CVE-2022-3705
Weather
Available for: macOS Ventura
Impact: An app may be able to bypass Privacy preferences
Description: The issue was addressed with improved memory handling.
CVE-2023-23511: Wojciech Regula of SecuRing (wojciechregula.blog), an
anonymous researcher
WebKit
Available for: macOS Ventura
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: The issue was addressed with improved checks.
WebKit Bugzilla: 245464
CVE-2023-23496: ChengGang Wu, Yan Kang, YuHao Hu, Yue Sun, Jiming
Wang, JiKai Ren and Hang Shu of Institute of Computing Technology,
Chinese Academy of Sciences
WebKit
Available for: macOS Ventura
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: The issue was addressed with improved memory handling.
WebKit Bugzilla: 248268
CVE-2023-23518: YeongHyeon Choi (@hyeon101010), Hyeon Park
(@tree_segment), SeOk JEON (@_seokjeon), YoungSung Ahn (@_ZeroSung),
JunSeo Bae (@snakebjs0107), Dohyun Lee (@l33d0hyun) of Team ApplePIE
WebKit Bugzilla: 248268
CVE-2023-23517: YeongHyeon Choi (@hyeon101010), Hyeon Park
(@tree_segment), SeOk JEON (@_seokjeon), YoungSung Ahn (@_ZeroSung),
JunSeo Bae (@snakebjs0107), Dohyun Lee (@l33d0hyun) of Team ApplePIE
Wi-Fi
Available for: macOS Ventura
Impact: An app may be able to disclose kernel memory
Description: The issue was addressed with improved memory handling.
CVE-2023-23501: Pan ZhenPeng (@Peterpan0927) of STAR Labs SG Pte.
Ltd. (@starlabs_sg)
Windows Installer
Available for: macOS Ventura
Impact: An app may be able to bypass Privacy preferences
Description: The issue was addressed with improved memory handling.
CVE-2023-23508: Mickey Jin (@patch1t)
Additional recognition
Bluetooth
We would like to acknowledge an anonymous researcher for their
assistance.
Kernel
We would like to acknowledge Nick Stenning of Replicate for their
assistance.
Shortcuts
We would like to acknowledge Baibhav Anand Jha from ReconWithMe and
Cristian Dinca of Tudor Vianu National High School of Computer
Science, Romania for their assistance.
WebKit
We would like to acknowledge Eliya Stein of Confiant for their
assistance.
macOS Ventura 13.2 may be obtained from the Mac App Store or Apple's
Software Downloads web site: https://support.apple.com/downloads/
All information is also posted on the Apple Security Updates
web site: https://support.apple.com/en-us/HT201222.
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEBP+4DupqR5Sgt1DB4RjMIDkeNxkFAmPPIl8ACgkQ4RjMIDke
Nxnt7RAA2a0c/Ij93MfR8eiNMkIHVnr+wL+4rckVmHvs85dSHNBqQ8+kYpAs2tEk
7CVZoxAGg8LqVa6ZmBbAp5ZJGi2nV8LjOYzaWw/66d648QC2upTWJ93sWmZ7LlLb
m9pcLfBsdAFPmVa8VJO0fxJGkxsCP0cQiBl+f9R4ObZBBiScbHUckSmHa6Qn/Q2U
VsnHnJznAlDHMXiaV3O1zKBeahkqSx/IfO04qmk8oMWh89hI53S551Z3NEx63zgd
Cx8JENj2NpFlgmZ0w0Tz5ZZ3LT4Ok28ns8N762JLE2nbTfEl7rM+bjUfWg4yJ1Rp
TCEelbLKfUjlrh2N1fe0XWBs9br/069QlhTBBVd/qAbUBxkS/UOlWk3Vp+TI0bkK
rrXouRijzRmBBK93jfWxhyd27avqQHmc04ofjY/lNYOCcGMrr813cGKNs90aRfcg
joKeC51mYJnlTyMB0nDcJx3b5+MN+Ij7Sa04B9dbH162YFxp4LsaavmR0MooN1T9
3XrXEQ71a3pvdoF1ffW9Mz7vaqhBkffnzQwWU5zY2RwDTjFyHdNyI/1JkVzYmAxq
QR4uA5gCDYYk/3rzlrVot+ezHX525clTHsvEYhIfu+i1HCxqdpvfaHbn2m+i1QtU
/Lzz2mySt3y0akZ2rHwPfBZ8UFfvaauyhZ3EhSP3ikGs9DOsv1w=
=pcJ4
-----END PGP SIGNATURE-----
| VAR-202301-1704 | CVE-2023-23496 | Vulnerabilities in multiple Apple products |
CVSS V2: - CVSS V3: 8.8 Severity: HIGH |
The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.2, watchOS 9.3, iOS 15.7.2 and iPadOS 15.7.2, Safari 16.3, tvOS 16.3, iOS 16.3 and iPadOS 16.3. Processing maliciously crafted web content may lead to arbitrary code execution. Safari , iPadOS , iOS Unspecified vulnerabilities exist in multiple Apple products.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state.
Instructions on how to update your Apple Watch software are available
at https://support.apple.com/kb/HT204641 To check the version on
your Apple Watch, open the Apple Watch app on your iPhone and select
"My Watch > General > About". Alternatively, on your watch, select
"My Watch > General > About". Make sure you have an
Internet connection and have installed the latest version of iTunes
from https://www.apple.com/itunes/ iTunes and Software Update on the
device will automatically check Apple's update server on its weekly
schedule. When an update is detected, it is downloaded and the option
to be installed is presented to the user when the iOS device is
docked. We recommend applying the update immediately if possible.
Selecting Don't Install will present the option the next time you
connect your iOS device. The automatic update process may take up to
a week depending on the day that iTunes or the device checks for
updates. You may manually obtain the update via the Check for Updates
button within iTunes, or the Software Update on your device. To
check that the iPhone, iPod touch, or iPad has been updated: *
Navigate to Settings * Select General * Select About. The version
after applying this update will be "iOS 16.3 and iPadOS 16.3". -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
APPLE-SA-2023-01-23-4 macOS Ventura 13.2
macOS Ventura 13.2 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT213605.
AppleMobileFileIntegrity
Available for: macOS Ventura
Impact: An app may be able to access user-sensitive data
Description: This issue was addressed by enabling hardened runtime.
CVE-2023-23499: Wojciech Reguła (@_r3ggi) of SecuRing
(wojciechregula.blog)
curl
Available for: macOS Ventura
Impact: Multiple issues in curl
Description: Multiple issues were addressed by updating to curl
version 7.86.0.
CVE-2022-42915
CVE-2022-42916
CVE-2022-32221
CVE-2022-35260
dcerpc
Available for: macOS Ventura
Impact: Mounting a maliciously crafted Samba network share may lead
to arbitrary code execution
Description: A buffer overflow issue was addressed with improved
memory handling.
CVE-2023-23513: Dimitrios Tatsis and Aleksandar Nikolic of Cisco
Talos
DiskArbitration
Available for: macOS Ventura
Impact: An encrypted volume may be unmounted and remounted by a
different user without prompting for the password
Description: A logic issue was addressed with improved state
management.
CVE-2023-23493: Oliver Norpoth (@norpoth) of KLIXX GmbH (klixx.com)
ImageIO
Available for: macOS Ventura
Impact: Processing an image may lead to a denial-of-service
Description: A memory corruption issue was addressed with improved
state management.
CVE-2023-23519: Yiğit Can YILMAZ (@yilmazcanyigit)
Intel Graphics Driver
Available for: macOS Ventura
Impact: An app may be able to execute arbitrary code with kernel
privileges
Description: The issue was addressed with improved bounds checks.
CVE-2023-23507: an anonymous researcher
Kernel
Available for: macOS Ventura
Impact: An app may be able to leak sensitive kernel state
Description: The issue was addressed with improved memory handling.
CVE-2023-23500: Pan ZhenPeng (@Peterpan0927) of STAR Labs SG Pte.
Ltd. (@starlabs_sg)
Kernel
Available for: macOS Ventura
Impact: An app may be able to determine kernel memory layout
Description: An information disclosure issue was addressed by
removing the vulnerable code.
CVE-2023-23502: Pan ZhenPeng (@Peterpan0927) of STAR Labs SG Pte.
Ltd. (@starlabs_sg)
Kernel
Available for: macOS Ventura
Impact: An app may be able to execute arbitrary code with kernel
privileges
Description: The issue was addressed with improved memory handling.
CVE-2023-23504: Adam Doupé of ASU SEFCOM
libxpc
Available for: macOS Ventura
Impact: An app may be able to access user-sensitive data
Description: A permissions issue was addressed with improved
validation.
CVE-2023-23506: Guilherme Rambo of Best Buddy Apps (rambo.codes)
Mail Drafts
Available for: macOS Ventura
Impact: The quoted original message may be selected from the wrong
email when forwarding an email from an Exchange account
Description: A logic issue was addressed with improved state
management.
CVE-2023-23498: an anonymous researcher
Maps
Available for: macOS Ventura
Impact: An app may be able to bypass Privacy preferences
Description: A logic issue was addressed with improved state
management.
CVE-2023-23503: an anonymous researcher
PackageKit
Available for: macOS Ventura
Impact: An app may be able to gain root privileges
Description: A logic issue was addressed with improved state
management.
CVE-2023-23497: Mickey Jin (@patch1t)
Safari
Available for: macOS Ventura
Impact: An app may be able to access a user’s Safari history
Description: A permissions issue was addressed with improved
validation.
CVE-2023-23510: Guilherme Rambo of Best Buddy Apps (rambo.codes)
Safari
Available for: macOS Ventura
Impact: Visiting a website may lead to an app denial-of-service
Description: The issue was addressed with improved handling of
caches.
CVE-2023-23512: Adriatik Raci
Screen Time
Available for: macOS Ventura
Impact: An app may be able to access information about a user’s
contacts
Description: A privacy issue was addressed with improved private data
redaction for log entries.
CVE-2023-23505: Wojciech Reguła of SecuRing (wojciechregula.blog)
Vim
Available for: macOS Ventura
Impact: Multiple issues in Vim
Description: A use after free issue was addressed with improved
memory management.
CVE-2022-3705
Weather
Available for: macOS Ventura
Impact: An app may be able to bypass Privacy preferences
Description: The issue was addressed with improved memory handling.
WebKit Bugzilla: 245464
CVE-2023-23496: ChengGang Wu, Yan Kang, YuHao Hu, Yue Sun, Jiming
Wang, JiKai Ren and Hang Shu of Institute of Computing Technology,
Chinese Academy of Sciences
WebKit
Available for: macOS Ventura
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: The issue was addressed with improved memory handling.
WebKit Bugzilla: 248268
CVE-2023-23518: YeongHyeon Choi (@hyeon101010), Hyeon Park
(@tree_segment), SeOk JEON (@_seokjeon), YoungSung Ahn (@_ZeroSung),
JunSeo Bae (@snakebjs0107), Dohyun Lee (@l33d0hyun) of Team ApplePIE
WebKit Bugzilla: 248268
CVE-2023-23517: YeongHyeon Choi (@hyeon101010), Hyeon Park
(@tree_segment), SeOk JEON (@_seokjeon), YoungSung Ahn (@_ZeroSung),
JunSeo Bae (@snakebjs0107), Dohyun Lee (@l33d0hyun) of Team ApplePIE
Wi-Fi
Available for: macOS Ventura
Impact: An app may be able to disclose kernel memory
Description: The issue was addressed with improved memory handling.
CVE-2023-23501: Pan ZhenPeng (@Peterpan0927) of STAR Labs SG Pte.
Ltd. (@starlabs_sg)
Windows Installer
Available for: macOS Ventura
Impact: An app may be able to bypass Privacy preferences
Description: The issue was addressed with improved memory handling.
CVE-2023-23508: Mickey Jin (@patch1t)
Additional recognition
Bluetooth
We would like to acknowledge an anonymous researcher for their
assistance.
Kernel
We would like to acknowledge Nick Stenning of Replicate for their
assistance.
Shortcuts
We would like to acknowledge Baibhav Anand Jha from ReconWithMe and
Cristian Dinca of Tudor Vianu National High School of Computer
Science, Romania for their assistance.
WebKit
We would like to acknowledge Eliya Stein of Confiant for their
assistance.
macOS Ventura 13.2 may be obtained from the Mac App Store or Apple's
Software Downloads web site: https://support.apple.com/downloads/
All information is also posted on the Apple Security Updates
web site: https://support.apple.com/en-us/HT201222.
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEBP+4DupqR5Sgt1DB4RjMIDkeNxkFAmPPIl8ACgkQ4RjMIDke
Nxnt7RAA2a0c/Ij93MfR8eiNMkIHVnr+wL+4rckVmHvs85dSHNBqQ8+kYpAs2tEk
7CVZoxAGg8LqVa6ZmBbAp5ZJGi2nV8LjOYzaWw/66d648QC2upTWJ93sWmZ7LlLb
m9pcLfBsdAFPmVa8VJO0fxJGkxsCP0cQiBl+f9R4ObZBBiScbHUckSmHa6Qn/Q2U
VsnHnJznAlDHMXiaV3O1zKBeahkqSx/IfO04qmk8oMWh89hI53S551Z3NEx63zgd
Cx8JENj2NpFlgmZ0w0Tz5ZZ3LT4Ok28ns8N762JLE2nbTfEl7rM+bjUfWg4yJ1Rp
TCEelbLKfUjlrh2N1fe0XWBs9br/069QlhTBBVd/qAbUBxkS/UOlWk3Vp+TI0bkK
rrXouRijzRmBBK93jfWxhyd27avqQHmc04ofjY/lNYOCcGMrr813cGKNs90aRfcg
joKeC51mYJnlTyMB0nDcJx3b5+MN+Ij7Sa04B9dbH162YFxp4LsaavmR0MooN1T9
3XrXEQ71a3pvdoF1ffW9Mz7vaqhBkffnzQwWU5zY2RwDTjFyHdNyI/1JkVzYmAxq
QR4uA5gCDYYk/3rzlrVot+ezHX525clTHsvEYhIfu+i1HCxqdpvfaHbn2m+i1QtU
/Lzz2mySt3y0akZ2rHwPfBZ8UFfvaauyhZ3EhSP3ikGs9DOsv1w=
=pcJ4
-----END PGP SIGNATURE-----
.
Safari 16.3 may be obtained from the Mac App Store
| VAR-202301-2378 | CVE-2023-23510 | apple's macOS Vulnerability in |
CVSS V2: - CVSS V3: 5.5 Severity: MEDIUM |
A permissions issue was addressed with improved validation. This issue is fixed in macOS Ventura 13.2. An app may be able to access a user’s Safari history. apple's macOS Exists in unspecified vulnerabilities.Information may be obtained
| VAR-202301-1716 | CVE-2023-23507 | apple's macOS Vulnerability in |
CVSS V2: - CVSS V3: 7.8 Severity: HIGH |
The issue was addressed with improved bounds checks. This issue is fixed in macOS Monterey 12.6.3, macOS Ventura 13.2. An app may be able to execute arbitrary code with kernel privileges. apple's macOS Exists in unspecified vulnerabilities.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state.
Information about the security content is also available at
https://support.apple.com/HT213604.
AppleMobileFileIntegrity
Available for: macOS Monterey
Impact: An app may be able to access user-sensitive data
Description: This issue was addressed by enabling hardened runtime.
CVE-2023-23499: Wojciech Reguła (@_r3ggi) of SecuRing
(wojciechregula.blog)
curl
Available for: macOS Monterey
Impact: Multiple issues in curl
Description: Multiple issues were addressed by updating to curl
version 7.86.0.
CVE-2022-42915
CVE-2022-42916
CVE-2022-32221
CVE-2022-35260
curl
Available for: macOS Monterey
Impact: Multiple issues in curl
Description: Multiple issues were addressed by updating to curl
version 7.85.0.
CVE-2022-35252
dcerpc
Available for: macOS Monterey
Impact: Mounting a maliciously crafted Samba network share may lead
to arbitrary code execution
Description: A buffer overflow issue was addressed with improved
memory handling.
CVE-2023-23513: Dimitrios Tatsis and Aleksandar Nikolic of Cisco
Talos
DiskArbitration
Available for: macOS Monterey
Impact: An encrypted volume may be unmounted and remounted by a
different user without prompting for the password
Description: A logic issue was addressed with improved state
management.
CVE-2022-32915: Tommy Muir (@Muirey03)
Intel Graphics Driver
Available for: macOS Monterey
Impact: An app may be able to execute arbitrary code with kernel
privileges
Description: The issue was addressed with improved bounds checks.
CVE-2023-23504: Adam Doupé of ASU SEFCOM
Kernel
Available for: macOS Monterey
Impact: An app may be able to determine kernel memory layout
Description: An information disclosure issue was addressed by
removing the vulnerable code.
CVE-2023-23502: Pan ZhenPeng (@Peterpan0927) of STAR Labs SG Pte.
Ltd. (@starlabs_sg)
PackageKit
Available for: macOS Monterey
Impact: An app may be able to gain root privileges
Description: A logic issue was addressed with improved state
management.
CVE-2023-23497: Mickey Jin (@patch1t)
Screen Time
Available for: macOS Monterey
Impact: An app may be able to access information about a user’s
contacts
Description: A privacy issue was addressed with improved private data
redaction for log entries.
CVE-2023-23505: Wojciech Regula of SecuRing (wojciechregula.blog)
Weather
Available for: macOS Monterey
Impact: An app may be able to bypass Privacy preferences
Description: The issue was addressed with improved memory handling.
CVE-2023-23511: Wojciech Regula of SecuRing (wojciechregula.blog), an
anonymous researcher
WebKit
Available for: macOS Monterey
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: The issue was addressed with improved memory handling.
WebKit Bugzilla: 248268
CVE-2023-23518: YeongHyeon Choi (@hyeon101010), Hyeon Park
(@tree_segment), SeOk JEON (@_seokjeon), YoungSung Ahn (@_ZeroSung),
JunSeo Bae (@snakebjs0107), Dohyun Lee (@l33d0hyun) of Team ApplePIE
WebKit Bugzilla: 248268
CVE-2023-23517: YeongHyeon Choi (@hyeon101010), Hyeon Park
(@tree_segment), SeOk JEON (@_seokjeon), YoungSung Ahn (@_ZeroSung),
JunSeo Bae (@snakebjs0107), Dohyun Lee (@l33d0hyun) of Team ApplePIE
Windows Installer
Available for: macOS Monterey
Impact: An app may be able to bypass Privacy preferences
Description: The issue was addressed with improved memory handling.
CVE-2023-23508: Mickey Jin (@patch1t)
Additional recognition
Kernel
We would like to acknowledge Nick Stenning of Replicate for their
assistance.
macOS Monterey 12.6.3 may be obtained from the Mac App Store or
Apple's Software Downloads web site:
https://support.apple.com/downloads/
All information is also posted on the Apple Security Updates
web site: https://support.apple.com/en-us/HT201222.
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEBP+4DupqR5Sgt1DB4RjMIDkeNxkFAmPPIl8ACgkQ4RjMIDke
NxlXeg/+JwvCu4zHuDTptxkKw1gxht0hTTVJvNjgNWj2XFtnOz9kCIupGj/xPTMl
P9vABQWRbpEJfCJE31FbUcxRCMcr/jm8dDb1ocx4qsGLlY5iGLQ/M1G6OLxQVajg
gGaCSMjW9Zk7l7sXztKj4XcirsB3ft9tiRJwgPUE0znaT70970usFdg+q95CzODm
DHVoa5VNLi0zA4178CIiq4WayAZe90cRYYQQ1+Okjhab/U/blfGgEPhA/rrdjQ85
J4NKTXyGBIWl+Ix4HpLikYpnwm/TKyYiY+MogZ6xUmFwnUgXkPCc4gYdPANQk064
KNjy90yq3Os9IBjfDpw+Pqs6I3GMZ0oNYUKWO+45/0NVp5/qjDFt5K7ZS+Xz5Py7
YrodbwaYiESzsdfLja9ILf8X7taDLHxxfHEvWcXnhcMD1XNKU6mpsb8SOLicWYzp
8maZarjhzQl3dQi4Kz3vQk0hKHTIE6/04fRdDpqhM9WXljayLLO7bsryW8u98Y/b
fR3BXgfsll+QjdLDeW3nfuY+q2JsW0a2lhJZnxuRQPC+wUGDoCY7vcCbv8zkx0oo
y1w8VDBdUjj7vyVSAqoZNlpgl1ebKgciVhTvrgTsyVxuOA94VzDCeI5/6RkjDAJ+
WL2Em8qc4aqXvGEwimKdNkETbyqIRcNVXWhXLVGLsmHvDViVjGQ=
=BbMS
-----END PGP SIGNATURE-----
| VAR-202301-2198 | CVE-2023-23506 | apple's macOS Vulnerability in |
CVSS V2: - CVSS V3: 5.5 Severity: MEDIUM |
A permissions issue was addressed with improved validation. This issue is fixed in macOS Ventura 13.2. An app may be able to access user-sensitive data. apple's macOS Exists in unspecified vulnerabilities.Information may be obtained
| VAR-202301-1723 | CVE-2023-23508 | apple's macOS Vulnerability in |
CVSS V2: - CVSS V3: 5.5 Severity: MEDIUM |
The issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.7.3, macOS Ventura 13.2, macOS Monterey 12.6.3. An app may be able to bypass Privacy preferences. apple's macOS Exists in unspecified vulnerabilities.Information may be tampered with. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
APPLE-SA-2023-01-23-5 macOS Monterey 12.6.3
macOS Monterey 12.6.3 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT213604.
AppleMobileFileIntegrity
Available for: macOS Monterey
Impact: An app may be able to access user-sensitive data
Description: This issue was addressed by enabling hardened runtime.
CVE-2023-23499: Wojciech Reguła (@_r3ggi) of SecuRing
(wojciechregula.blog)
curl
Available for: macOS Monterey
Impact: Multiple issues in curl
Description: Multiple issues were addressed by updating to curl
version 7.86.0.
CVE-2022-42915
CVE-2022-42916
CVE-2022-32221
CVE-2022-35260
curl
Available for: macOS Monterey
Impact: Multiple issues in curl
Description: Multiple issues were addressed by updating to curl
version 7.85.0.
CVE-2022-35252
dcerpc
Available for: macOS Monterey
Impact: Mounting a maliciously crafted Samba network share may lead
to arbitrary code execution
Description: A buffer overflow issue was addressed with improved
memory handling.
CVE-2023-23513: Dimitrios Tatsis and Aleksandar Nikolic of Cisco
Talos
DiskArbitration
Available for: macOS Monterey
Impact: An encrypted volume may be unmounted and remounted by a
different user without prompting for the password
Description: A logic issue was addressed with improved state
management.
CVE-2023-23493: Oliver Norpoth (@norpoth) of KLIXX GmbH (klixx.com)
DriverKit
Available for: macOS Monterey
Impact: An app may be able to execute arbitrary code with kernel
privileges
Description: A type confusion issue was addressed with improved
checks.
CVE-2022-32915: Tommy Muir (@Muirey03)
Intel Graphics Driver
Available for: macOS Monterey
Impact: An app may be able to execute arbitrary code with kernel
privileges
Description: The issue was addressed with improved bounds checks.
CVE-2023-23507: an anonymous researcher
Kernel
Available for: macOS Monterey
Impact: An app may be able to execute arbitrary code with kernel
privileges
Description: The issue was addressed with improved memory handling.
CVE-2023-23504: Adam Doupé of ASU SEFCOM
Kernel
Available for: macOS Monterey
Impact: An app may be able to determine kernel memory layout
Description: An information disclosure issue was addressed by
removing the vulnerable code.
CVE-2023-23502: Pan ZhenPeng (@Peterpan0927) of STAR Labs SG Pte.
Ltd. (@starlabs_sg)
PackageKit
Available for: macOS Monterey
Impact: An app may be able to gain root privileges
Description: A logic issue was addressed with improved state
management.
CVE-2023-23497: Mickey Jin (@patch1t)
Screen Time
Available for: macOS Monterey
Impact: An app may be able to access information about a user’s
contacts
Description: A privacy issue was addressed with improved private data
redaction for log entries.
CVE-2023-23505: Wojciech Regula of SecuRing (wojciechregula.blog)
Weather
Available for: macOS Monterey
Impact: An app may be able to bypass Privacy preferences
Description: The issue was addressed with improved memory handling.
CVE-2023-23511: Wojciech Regula of SecuRing (wojciechregula.blog), an
anonymous researcher
WebKit
Available for: macOS Monterey
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: The issue was addressed with improved memory handling.
WebKit Bugzilla: 248268
CVE-2023-23518: YeongHyeon Choi (@hyeon101010), Hyeon Park
(@tree_segment), SeOk JEON (@_seokjeon), YoungSung Ahn (@_ZeroSung),
JunSeo Bae (@snakebjs0107), Dohyun Lee (@l33d0hyun) of Team ApplePIE
WebKit Bugzilla: 248268
CVE-2023-23517: YeongHyeon Choi (@hyeon101010), Hyeon Park
(@tree_segment), SeOk JEON (@_seokjeon), YoungSung Ahn (@_ZeroSung),
JunSeo Bae (@snakebjs0107), Dohyun Lee (@l33d0hyun) of Team ApplePIE
Windows Installer
Available for: macOS Monterey
Impact: An app may be able to bypass Privacy preferences
Description: The issue was addressed with improved memory handling.
CVE-2023-23508: Mickey Jin (@patch1t)
Additional recognition
Kernel
We would like to acknowledge Nick Stenning of Replicate for their
assistance.
macOS Monterey 12.6.3 may be obtained from the Mac App Store or
Apple's Software Downloads web site:
https://support.apple.com/downloads/
All information is also posted on the Apple Security Updates
web site: https://support.apple.com/en-us/HT201222.
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEBP+4DupqR5Sgt1DB4RjMIDkeNxkFAmPPIl8ACgkQ4RjMIDke
NxlXeg/+JwvCu4zHuDTptxkKw1gxht0hTTVJvNjgNWj2XFtnOz9kCIupGj/xPTMl
P9vABQWRbpEJfCJE31FbUcxRCMcr/jm8dDb1ocx4qsGLlY5iGLQ/M1G6OLxQVajg
gGaCSMjW9Zk7l7sXztKj4XcirsB3ft9tiRJwgPUE0znaT70970usFdg+q95CzODm
DHVoa5VNLi0zA4178CIiq4WayAZe90cRYYQQ1+Okjhab/U/blfGgEPhA/rrdjQ85
J4NKTXyGBIWl+Ix4HpLikYpnwm/TKyYiY+MogZ6xUmFwnUgXkPCc4gYdPANQk064
KNjy90yq3Os9IBjfDpw+Pqs6I3GMZ0oNYUKWO+45/0NVp5/qjDFt5K7ZS+Xz5Py7
YrodbwaYiESzsdfLja9ILf8X7taDLHxxfHEvWcXnhcMD1XNKU6mpsb8SOLicWYzp
8maZarjhzQl3dQi4Kz3vQk0hKHTIE6/04fRdDpqhM9WXljayLLO7bsryW8u98Y/b
fR3BXgfsll+QjdLDeW3nfuY+q2JsW0a2lhJZnxuRQPC+wUGDoCY7vcCbv8zkx0oo
y1w8VDBdUjj7vyVSAqoZNlpgl1ebKgciVhTvrgTsyVxuOA94VzDCeI5/6RkjDAJ+
WL2Em8qc4aqXvGEwimKdNkETbyqIRcNVXWhXLVGLsmHvDViVjGQ=
=BbMS
-----END PGP SIGNATURE-----
| VAR-202301-1709 | CVE-2023-23497 | apple's macOS Vulnerability in |
CVSS V2: - CVSS V3: 7.8 Severity: HIGH |
A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.7.3, macOS Ventura 13.2, macOS Monterey 12.6.3. An app may be able to gain root privileges. apple's macOS Exists in unspecified vulnerabilities.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
APPLE-SA-2023-01-23-4 macOS Ventura 13.2
macOS Ventura 13.2 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT213605.
AppleMobileFileIntegrity
Available for: macOS Ventura
Impact: An app may be able to access user-sensitive data
Description: This issue was addressed by enabling hardened runtime.
CVE-2023-23499: Wojciech Reguła (@_r3ggi) of SecuRing
(wojciechregula.blog)
curl
Available for: macOS Ventura
Impact: Multiple issues in curl
Description: Multiple issues were addressed by updating to curl
version 7.86.0.
CVE-2022-42915
CVE-2022-42916
CVE-2022-32221
CVE-2022-35260
dcerpc
Available for: macOS Ventura
Impact: Mounting a maliciously crafted Samba network share may lead
to arbitrary code execution
Description: A buffer overflow issue was addressed with improved
memory handling.
CVE-2023-23513: Dimitrios Tatsis and Aleksandar Nikolic of Cisco
Talos
DiskArbitration
Available for: macOS Ventura
Impact: An encrypted volume may be unmounted and remounted by a
different user without prompting for the password
Description: A logic issue was addressed with improved state
management.
CVE-2023-23493: Oliver Norpoth (@norpoth) of KLIXX GmbH (klixx.com)
ImageIO
Available for: macOS Ventura
Impact: Processing an image may lead to a denial-of-service
Description: A memory corruption issue was addressed with improved
state management.
CVE-2023-23519: Yiğit Can YILMAZ (@yilmazcanyigit)
Intel Graphics Driver
Available for: macOS Ventura
Impact: An app may be able to execute arbitrary code with kernel
privileges
Description: The issue was addressed with improved bounds checks.
CVE-2023-23507: an anonymous researcher
Kernel
Available for: macOS Ventura
Impact: An app may be able to leak sensitive kernel state
Description: The issue was addressed with improved memory handling.
CVE-2023-23500: Pan ZhenPeng (@Peterpan0927) of STAR Labs SG Pte.
Ltd. (@starlabs_sg)
Kernel
Available for: macOS Ventura
Impact: An app may be able to determine kernel memory layout
Description: An information disclosure issue was addressed by
removing the vulnerable code.
CVE-2023-23502: Pan ZhenPeng (@Peterpan0927) of STAR Labs SG Pte.
Ltd. (@starlabs_sg)
Kernel
Available for: macOS Ventura
Impact: An app may be able to execute arbitrary code with kernel
privileges
Description: The issue was addressed with improved memory handling.
CVE-2023-23504: Adam Doupé of ASU SEFCOM
libxpc
Available for: macOS Ventura
Impact: An app may be able to access user-sensitive data
Description: A permissions issue was addressed with improved
validation.
CVE-2023-23506: Guilherme Rambo of Best Buddy Apps (rambo.codes)
Mail Drafts
Available for: macOS Ventura
Impact: The quoted original message may be selected from the wrong
email when forwarding an email from an Exchange account
Description: A logic issue was addressed with improved state
management.
CVE-2023-23498: an anonymous researcher
Maps
Available for: macOS Ventura
Impact: An app may be able to bypass Privacy preferences
Description: A logic issue was addressed with improved state
management.
CVE-2023-23497: Mickey Jin (@patch1t)
Safari
Available for: macOS Ventura
Impact: An app may be able to access a user’s Safari history
Description: A permissions issue was addressed with improved
validation.
CVE-2023-23510: Guilherme Rambo of Best Buddy Apps (rambo.codes)
Safari
Available for: macOS Ventura
Impact: Visiting a website may lead to an app denial-of-service
Description: The issue was addressed with improved handling of
caches.
CVE-2023-23512: Adriatik Raci
Screen Time
Available for: macOS Ventura
Impact: An app may be able to access information about a user’s
contacts
Description: A privacy issue was addressed with improved private data
redaction for log entries.
CVE-2023-23505: Wojciech Reguła of SecuRing (wojciechregula.blog)
Vim
Available for: macOS Ventura
Impact: Multiple issues in Vim
Description: A use after free issue was addressed with improved
memory management.
CVE-2022-3705
Weather
Available for: macOS Ventura
Impact: An app may be able to bypass Privacy preferences
Description: The issue was addressed with improved memory handling.
CVE-2023-23511: Wojciech Regula of SecuRing (wojciechregula.blog), an
anonymous researcher
WebKit
Available for: macOS Ventura
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: The issue was addressed with improved checks.
WebKit Bugzilla: 245464
CVE-2023-23496: ChengGang Wu, Yan Kang, YuHao Hu, Yue Sun, Jiming
Wang, JiKai Ren and Hang Shu of Institute of Computing Technology,
Chinese Academy of Sciences
WebKit
Available for: macOS Ventura
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: The issue was addressed with improved memory handling.
WebKit Bugzilla: 248268
CVE-2023-23518: YeongHyeon Choi (@hyeon101010), Hyeon Park
(@tree_segment), SeOk JEON (@_seokjeon), YoungSung Ahn (@_ZeroSung),
JunSeo Bae (@snakebjs0107), Dohyun Lee (@l33d0hyun) of Team ApplePIE
WebKit Bugzilla: 248268
CVE-2023-23517: YeongHyeon Choi (@hyeon101010), Hyeon Park
(@tree_segment), SeOk JEON (@_seokjeon), YoungSung Ahn (@_ZeroSung),
JunSeo Bae (@snakebjs0107), Dohyun Lee (@l33d0hyun) of Team ApplePIE
Wi-Fi
Available for: macOS Ventura
Impact: An app may be able to disclose kernel memory
Description: The issue was addressed with improved memory handling.
CVE-2023-23501: Pan ZhenPeng (@Peterpan0927) of STAR Labs SG Pte.
Ltd. (@starlabs_sg)
Windows Installer
Available for: macOS Ventura
Impact: An app may be able to bypass Privacy preferences
Description: The issue was addressed with improved memory handling.
CVE-2023-23508: Mickey Jin (@patch1t)
Additional recognition
Bluetooth
We would like to acknowledge an anonymous researcher for their
assistance.
Kernel
We would like to acknowledge Nick Stenning of Replicate for their
assistance.
Shortcuts
We would like to acknowledge Baibhav Anand Jha from ReconWithMe and
Cristian Dinca of Tudor Vianu National High School of Computer
Science, Romania for their assistance.
WebKit
We would like to acknowledge Eliya Stein of Confiant for their
assistance.
macOS Ventura 13.2 may be obtained from the Mac App Store or Apple's
Software Downloads web site: https://support.apple.com/downloads/
All information is also posted on the Apple Security Updates
web site: https://support.apple.com/en-us/HT201222.
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEBP+4DupqR5Sgt1DB4RjMIDkeNxkFAmPPIl8ACgkQ4RjMIDke
Nxnt7RAA2a0c/Ij93MfR8eiNMkIHVnr+wL+4rckVmHvs85dSHNBqQ8+kYpAs2tEk
7CVZoxAGg8LqVa6ZmBbAp5ZJGi2nV8LjOYzaWw/66d648QC2upTWJ93sWmZ7LlLb
m9pcLfBsdAFPmVa8VJO0fxJGkxsCP0cQiBl+f9R4ObZBBiScbHUckSmHa6Qn/Q2U
VsnHnJznAlDHMXiaV3O1zKBeahkqSx/IfO04qmk8oMWh89hI53S551Z3NEx63zgd
Cx8JENj2NpFlgmZ0w0Tz5ZZ3LT4Ok28ns8N762JLE2nbTfEl7rM+bjUfWg4yJ1Rp
TCEelbLKfUjlrh2N1fe0XWBs9br/069QlhTBBVd/qAbUBxkS/UOlWk3Vp+TI0bkK
rrXouRijzRmBBK93jfWxhyd27avqQHmc04ofjY/lNYOCcGMrr813cGKNs90aRfcg
joKeC51mYJnlTyMB0nDcJx3b5+MN+Ij7Sa04B9dbH162YFxp4LsaavmR0MooN1T9
3XrXEQ71a3pvdoF1ffW9Mz7vaqhBkffnzQwWU5zY2RwDTjFyHdNyI/1JkVzYmAxq
QR4uA5gCDYYk/3rzlrVot+ezHX525clTHsvEYhIfu+i1HCxqdpvfaHbn2m+i1QtU
/Lzz2mySt3y0akZ2rHwPfBZ8UFfvaauyhZ3EhSP3ikGs9DOsv1w=
=pcJ4
-----END PGP SIGNATURE-----
| VAR-202301-1725 | CVE-2023-23493 | apple's macOS Authentication vulnerability in |
CVSS V2: - CVSS V3: 3.3 Severity: LOW |
A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.2, macOS Monterey 12.6.3. An encrypted volume may be unmounted and remounted by a different user without prompting for the password. apple's macOS There is an authentication vulnerability in.Information may be tampered with.
Information about the security content is also available at
https://support.apple.com/HT213605.
AppleMobileFileIntegrity
Available for: macOS Ventura
Impact: An app may be able to access user-sensitive data
Description: This issue was addressed by enabling hardened runtime.
CVE-2023-23499: Wojciech Reguła (@_r3ggi) of SecuRing
(wojciechregula.blog)
curl
Available for: macOS Ventura
Impact: Multiple issues in curl
Description: Multiple issues were addressed by updating to curl
version 7.86.0.
CVE-2022-42915
CVE-2022-42916
CVE-2022-32221
CVE-2022-35260
dcerpc
Available for: macOS Ventura
Impact: Mounting a maliciously crafted Samba network share may lead
to arbitrary code execution
Description: A buffer overflow issue was addressed with improved
memory handling.
CVE-2023-23493: Oliver Norpoth (@norpoth) of KLIXX GmbH (klixx.com)
ImageIO
Available for: macOS Ventura
Impact: Processing an image may lead to a denial-of-service
Description: A memory corruption issue was addressed with improved
state management.
CVE-2023-23519: Yiğit Can YILMAZ (@yilmazcanyigit)
Intel Graphics Driver
Available for: macOS Ventura
Impact: An app may be able to execute arbitrary code with kernel
privileges
Description: The issue was addressed with improved bounds checks.
CVE-2023-23507: an anonymous researcher
Kernel
Available for: macOS Ventura
Impact: An app may be able to leak sensitive kernel state
Description: The issue was addressed with improved memory handling.
CVE-2023-23500: Pan ZhenPeng (@Peterpan0927) of STAR Labs SG Pte.
Ltd. (@starlabs_sg)
Kernel
Available for: macOS Ventura
Impact: An app may be able to determine kernel memory layout
Description: An information disclosure issue was addressed by
removing the vulnerable code.
CVE-2023-23502: Pan ZhenPeng (@Peterpan0927) of STAR Labs SG Pte.
Ltd. (@starlabs_sg)
Kernel
Available for: macOS Ventura
Impact: An app may be able to execute arbitrary code with kernel
privileges
Description: The issue was addressed with improved memory handling.
CVE-2023-23504: Adam Doupé of ASU SEFCOM
libxpc
Available for: macOS Ventura
Impact: An app may be able to access user-sensitive data
Description: A permissions issue was addressed with improved
validation.
CVE-2023-23506: Guilherme Rambo of Best Buddy Apps (rambo.codes)
Mail Drafts
Available for: macOS Ventura
Impact: The quoted original message may be selected from the wrong
email when forwarding an email from an Exchange account
Description: A logic issue was addressed with improved state
management.
CVE-2023-23498: an anonymous researcher
Maps
Available for: macOS Ventura
Impact: An app may be able to bypass Privacy preferences
Description: A logic issue was addressed with improved state
management.
CVE-2023-23497: Mickey Jin (@patch1t)
Safari
Available for: macOS Ventura
Impact: An app may be able to access a user’s Safari history
Description: A permissions issue was addressed with improved
validation.
CVE-2023-23510: Guilherme Rambo of Best Buddy Apps (rambo.codes)
Safari
Available for: macOS Ventura
Impact: Visiting a website may lead to an app denial-of-service
Description: The issue was addressed with improved handling of
caches.
CVE-2023-23512: Adriatik Raci
Screen Time
Available for: macOS Ventura
Impact: An app may be able to access information about a user’s
contacts
Description: A privacy issue was addressed with improved private data
redaction for log entries.
CVE-2023-23505: Wojciech Reguła of SecuRing (wojciechregula.blog)
Vim
Available for: macOS Ventura
Impact: Multiple issues in Vim
Description: A use after free issue was addressed with improved
memory management.
CVE-2022-3705
Weather
Available for: macOS Ventura
Impact: An app may be able to bypass Privacy preferences
Description: The issue was addressed with improved memory handling.
CVE-2023-23511: Wojciech Regula of SecuRing (wojciechregula.blog), an
anonymous researcher
WebKit
Available for: macOS Ventura
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: The issue was addressed with improved checks.
WebKit Bugzilla: 245464
CVE-2023-23496: ChengGang Wu, Yan Kang, YuHao Hu, Yue Sun, Jiming
Wang, JiKai Ren and Hang Shu of Institute of Computing Technology,
Chinese Academy of Sciences
WebKit
Available for: macOS Ventura
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: The issue was addressed with improved memory handling.
WebKit Bugzilla: 248268
CVE-2023-23518: YeongHyeon Choi (@hyeon101010), Hyeon Park
(@tree_segment), SeOk JEON (@_seokjeon), YoungSung Ahn (@_ZeroSung),
JunSeo Bae (@snakebjs0107), Dohyun Lee (@l33d0hyun) of Team ApplePIE
WebKit Bugzilla: 248268
CVE-2023-23517: YeongHyeon Choi (@hyeon101010), Hyeon Park
(@tree_segment), SeOk JEON (@_seokjeon), YoungSung Ahn (@_ZeroSung),
JunSeo Bae (@snakebjs0107), Dohyun Lee (@l33d0hyun) of Team ApplePIE
Wi-Fi
Available for: macOS Ventura
Impact: An app may be able to disclose kernel memory
Description: The issue was addressed with improved memory handling.
CVE-2023-23501: Pan ZhenPeng (@Peterpan0927) of STAR Labs SG Pte.
Ltd. (@starlabs_sg)
Windows Installer
Available for: macOS Ventura
Impact: An app may be able to bypass Privacy preferences
Description: The issue was addressed with improved memory handling.
CVE-2023-23508: Mickey Jin (@patch1t)
Additional recognition
Bluetooth
We would like to acknowledge an anonymous researcher for their
assistance.
Kernel
We would like to acknowledge Nick Stenning of Replicate for their
assistance.
Shortcuts
We would like to acknowledge Baibhav Anand Jha from ReconWithMe and
Cristian Dinca of Tudor Vianu National High School of Computer
Science, Romania for their assistance.
WebKit
We would like to acknowledge Eliya Stein of Confiant for their
assistance.
macOS Ventura 13.2 may be obtained from the Mac App Store or Apple's
Software Downloads web site: https://support.apple.com/downloads/
All information is also posted on the Apple Security Updates
web site: https://support.apple.com/en-us/HT201222.
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEBP+4DupqR5Sgt1DB4RjMIDkeNxkFAmPPIl8ACgkQ4RjMIDke
Nxnt7RAA2a0c/Ij93MfR8eiNMkIHVnr+wL+4rckVmHvs85dSHNBqQ8+kYpAs2tEk
7CVZoxAGg8LqVa6ZmBbAp5ZJGi2nV8LjOYzaWw/66d648QC2upTWJ93sWmZ7LlLb
m9pcLfBsdAFPmVa8VJO0fxJGkxsCP0cQiBl+f9R4ObZBBiScbHUckSmHa6Qn/Q2U
VsnHnJznAlDHMXiaV3O1zKBeahkqSx/IfO04qmk8oMWh89hI53S551Z3NEx63zgd
Cx8JENj2NpFlgmZ0w0Tz5ZZ3LT4Ok28ns8N762JLE2nbTfEl7rM+bjUfWg4yJ1Rp
TCEelbLKfUjlrh2N1fe0XWBs9br/069QlhTBBVd/qAbUBxkS/UOlWk3Vp+TI0bkK
rrXouRijzRmBBK93jfWxhyd27avqQHmc04ofjY/lNYOCcGMrr813cGKNs90aRfcg
joKeC51mYJnlTyMB0nDcJx3b5+MN+Ij7Sa04B9dbH162YFxp4LsaavmR0MooN1T9
3XrXEQ71a3pvdoF1ffW9Mz7vaqhBkffnzQwWU5zY2RwDTjFyHdNyI/1JkVzYmAxq
QR4uA5gCDYYk/3rzlrVot+ezHX525clTHsvEYhIfu+i1HCxqdpvfaHbn2m+i1QtU
/Lzz2mySt3y0akZ2rHwPfBZ8UFfvaauyhZ3EhSP3ikGs9DOsv1w=
=pcJ4
-----END PGP SIGNATURE-----
| VAR-202301-1714 | CVE-2023-23513 | apple's macOS Classic buffer overflow vulnerability in |
CVSS V2: - CVSS V3: 9.8 Severity: CRITICAL |
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.7.3, macOS Ventura 13.2, macOS Monterey 12.6.3. Mounting a maliciously crafted Samba network share may lead to arbitrary code execution. apple's macOS Exists in a classic buffer overflow vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state.
Information about the security content is also available at
https://support.apple.com/HT213603.
AppleMobileFileIntegrity
Available for: macOS Big Sur
Impact: An app may be able to access user-sensitive data
Description: This issue was addressed by enabling hardened runtime.
CVE-2023-23499: Wojciech Reguła (@_r3ggi) of SecuRing
(wojciechregula.blog)
curl
Available for: macOS Big Sur
Impact: Multiple issues in curl
Description: Multiple issues were addressed by updating to curl
version 7.85.0.
CVE-2023-23513: Dimitrios Tatsis and Aleksandar Nikolic of Cisco
Talos
PackageKit
Available for: macOS Big Sur
Impact: An app may be able to gain root privileges
Description: A logic issue was addressed with improved state
management.
CVE-2023-23497: Mickey Jin (@patch1t)
Screen Time
Available for: macOS Big Sur
Impact: An app may be able to access information about a user’s
contacts
Description: A privacy issue was addressed with improved private data
redaction for log entries.
CVE-2023-23505: Wojciech Reguła of SecuRing (wojciechregula.blog)
WebKit
Available for: macOS Big Sur
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: The issue was addressed with improved memory handling.
WebKit Bugzilla: 248268
CVE-2023-23518: YeongHyeon Choi (@hyeon101010), Hyeon Park
(@tree_segment), SeOk JEON (@_seokjeon), YoungSung Ahn (@_ZeroSung),
JunSeo Bae (@snakebjs0107), Dohyun Lee (@l33d0hyun) of Team ApplePIE
WebKit Bugzilla: 248268
CVE-2023-23517: YeongHyeon Choi (@hyeon101010), Hyeon Park
(@tree_segment), SeOk JEON (@_seokjeon), YoungSung Ahn (@_ZeroSung),
JunSeo Bae (@snakebjs0107), Dohyun Lee (@l33d0hyun) of Team ApplePIE
Windows Installer
Available for: macOS Big Sur
Impact: An app may be able to bypass Privacy preferences
Description: The issue was addressed with improved memory handling.
CVE-2023-23508: Mickey Jin (@patch1t)
macOS Big Sur 11.7.3 may be obtained from the Mac App Store or
Apple's Software Downloads web site:
https://support.apple.com/downloads/
All information is also posted on the Apple Security Updates
web site: https://support.apple.com/en-us/HT201222.
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEBP+4DupqR5Sgt1DB4RjMIDkeNxkFAmPPIl8ACgkQ4RjMIDke
NxmcTxAA5RgSSuSbRaEzLzDYMXICkEWJLRFDxirCePXlty57qxD+Edl/f7rZhvxx
nt5f0TTSVV2D4j+bb1MC/qFgINJ2SV31UY3nQXg+k85QeCyjEMXQDgIk5QBJd40E
gcPXFOQULvHJAhyKAvNexGqyRTUk4GqifPZNwXFxKC/tsPahr/Bh6OP+l7CkhG7Y
XiDuKLpL7ssAMl6sf7Lg5H114P/6pPwKM949mYzUz+0CH6uXQ7oWSx/KirbR3HD8
W3FQY/iS3hzG6EALUbFWKjxXPHRv/59TQElizLVqfxLQCjSokxyDiW5OehMeefQs
8dFDCMbpbQFC0RBVFVCS3fzhCNu24LfihyUmz9//Azguv3HJhbuZ/kz70JhsLW9F
6mGlbXA/w2rAWXpJ2fRsHSqpZw9jiX1FlfUH+h3T8cmtnfZDduV0AEvCIK8Zp/nq
S6+sZ3i5VtQyUGZc3FKTQVTeMPrXhyLCXlfiCXMfo04P11AJNxOqSHgBH43N8pNp
drRKydDb+u8QpxUzuaxbyn2dgoEaxwRke6jspkPFPZ/ipj8eNLIn2FqQx8CGXCDL
2k/+/a4M/zsGcr39kuGjcXNba6YbXnA8HwWqmKeMwQ+3VTMwf6C2x0h6OBQGIGcv
MyrKHkVVE9KyPk9AULiw4BJYX7MMBmSbpf2OEDP3d06d6e1ljv8=
=hYz5
-----END PGP SIGNATURE-----
| VAR-202301-1849 | CVE-2022-4816 | Lenovo Safecenter Vulnerability in |
CVSS V2: - CVSS V3: 5.5 Severity: MEDIUM |
A denial-of-service vulnerability has been identified in Lenovo Safecenter that could allow a local user to crash the application. Lenovo Safecenter Exists in unspecified vulnerabilities.Service operation interruption (DoS) It may be in a state