APPLE-SA-2017-03-27-6 tvOS 10.2
APPLE-SA-2017-03-27-6 tvOS 10.2
- Subject: APPLE-SA-2017-03-27-6 tvOS 10.2
- From: Apple Product Security <email@hidden>
- Date: Mon, 27 Mar 2017 16:27:28 -0700
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
APPLE-SA-2017-03-27-6 tvOS 10.2
tvOS 10.2 is now available and addresses the following:
Audio
Available for: Apple TV (4th generation)
Impact: Processing a maliciously crafted audio file may lead to
arbitrary code execution
Description: A memory corruption issue was addressed through improved
input validation.
CVE-2017-2430: an anonymous researcher working with Trend Micro’s
Zero Day Initiative
CVE-2017-2462: an anonymous researcher working with Trend Micro’s
Zero Day Initiative
Carbon
Available for: Apple TV (4th generation)
Impact: Processing a maliciously crafted .dfont file may lead to
arbitrary code execution
Description: A buffer overflow existed in the handling of font files.
This issue was addressed through improved bounds checking.
CVE-2017-2379: John Villamil, Doyensec, riusksk (泉哥) of Tencent
Security Platform Department
CoreGraphics
Available for: Apple TV (4th generation)
Impact: Processing a maliciously crafted image may lead to a denial
of service
Description: An infinite recursion was addressed through improved
state management.
CVE-2017-2417: riusksk (泉哥) of Tencent Security Platform
Department
CoreGraphics
Available for: Apple TV (4th generation)
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed through
improved input validation.
CVE-2017-2444: Mei Wang of 360 GearTeam
CoreText
Available for: Apple TV (4th generation)
Impact: Processing a maliciously crafted font file may lead to
arbitrary code execution
Description: A memory corruption issue was addressed through improved
input validation.
CVE-2017-2435: John Villamil, Doyensec
CoreText
Available for: Apple TV (4th generation)
Impact: Processing a maliciously crafted font may result in the
disclosure of process memory
Description: An out-of-bounds read was addressed through improved
input validation.
CVE-2017-2450: John Villamil, Doyensec
CoreText
Available for: Apple TV (4th generation)
Impact: Processing a maliciously crafted text message may lead to
application denial of service
Description: A resource exhaustion issue was addressed through
improved input validation.
CVE-2017-2461: an anonymous researcher, Isaac Archambault of IDAoADI
FontParser
Available for: Apple TV (4th generation)
Impact: Processing a maliciously crafted font file may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed through
improved input validation.
CVE-2017-2406: riusksk (泉哥) of Tencent Security Platform
Department
CVE-2017-2487: riusksk (泉哥) of Tencent Security Platform
Department
FontParser
Available for: Apple TV (4th generation)
Impact: Parsing a maliciously crafted font file may lead to an
unexpected application termination or arbitrary code execution
Description: Multiple memory corruption issues were addressed through
improved input validation.
CVE-2017-2407: riusksk (泉哥) of Tencent Security Platform
Department
FontParser
Available for: Apple TV (4th generation)
Impact: Processing a maliciously crafted font may result in the
disclosure of process memory
Description: An out-of-bounds read was addressed through improved
input validation.
CVE-2017-2439: John Villamil, Doyensec
HTTPProtocol
Available for: Apple TV (4th generation)
Impact: A malicious HTTP/2 server may be able to cause undefined
behavior
Description: Multiple issues existed in nghttp2 before 1.17.0. These
were addressed by updating LibreSSL to version 1.17.0.
CVE-2017-2428
ImageIO
Available for: Apple TV (4th generation)
Impact: Processing a maliciously crafted image may lead to arbitrary
code execution
Description: A memory corruption issue was addressed through improved
input validation.
CVE-2017-2416: Qidan He (何淇丹, @flanker_hqd) of KeenLab, Tencent
ImageIO
Available for: Apple TV (4th generation)
Impact: Viewing a maliciously crafted JPEG file may lead to arbitrary
code execution
Description: A memory corruption issue was addressed through improved
input validation.
CVE-2017-2432: an anonymous researcher working with Trend Micro's
Zero Day Initiative
ImageIO
Available for: Apple TV (4th generation)
Impact: Processing a maliciously crafted file may lead to an
unexpected application termination or arbitrary code execution
Description: A memory corruption issue was addressed through improved
input validation.
CVE-2017-2467
ImageIO
Available for: Apple TV (4th generation)
Impact: Processing a maliciously crafted image may lead to unexpected
application termination
Description: An out-of-bound read existed in LibTIFF versions before
4.0.7. This was addressed by updating LibTIFF in ImageIO to version
4.0.7.
CVE-2016-3619
Kernel
Available for: Apple TV (4th generation)
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed through improved
input validation.
CVE-2017-2401: Lufeng Li of Qihoo 360 Vulcan Team
Kernel
Available for: Apple TV (4th generation)
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: An integer overflow was addressed through improved input
validation.
CVE-2017-2440: an anonymous researcher
Kernel
Available for: Apple TV (4th generation)
Impact: A malicious application may be able to execute arbitrary code
with root privileges
Description: A race condition was addressed through improved memory
handling.
CVE-2017-2456: lokihardt of Google Project Zero
Kernel
Available for: Apple TV (4th generation)
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A use after free issue was addressed through improved
memory management.
CVE-2017-2472: Ian Beer of Google Project Zero
Kernel
Available for: Apple TV (4th generation)
Impact: A malicious application may be able to execute arbitrary code
with kernel privileges
Description: A memory corruption issue was addressed through improved
input validation.
CVE-2017-2473: Ian Beer of Google Project Zero
Kernel
Available for: Apple TV (4th generation)
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: An off-by-one issue was addressed through improved
bounds checking.
CVE-2017-2474: Ian Beer of Google Project Zero
Kernel
Available for: Apple TV (4th generation)
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A race condition was addressed through improved locking.
CVE-2017-2478: Ian Beer of Google Project Zero
Kernel
Available for: Apple TV (4th generation)
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A buffer overflow issue was addressed through improved
memory handling.
CVE-2017-2482: Ian Beer of Google Project Zero
CVE-2017-2483: Ian Beer of Google Project Zero
Keyboards
Available for: Apple TV (4th generation)
Impact: An application may be able to execute arbitrary code
Description: A buffer overflow was addressed through improved bounds
checking.
CVE-2017-2458: Shashank (@cyberboyIndia)
libarchive
Available for: Apple TV (4th generation)
Impact: A local attacker may be able to change file system
permissions on arbitrary directories
Description: A validation issue existed in the handling of symlinks.
This issue was addressed through improved validation of symlinks.
CVE-2017-2390: Omer Medan of enSilo Ltd
libc++abi
Available for: Apple TV (4th generation)
Impact: Demangling a malicious C++ application may lead to arbitrary
code execution
Description: A use after free issue was addressed through improved
memory management.
CVE-2017-2441
Security
Available for: Apple TV (4th generation)
Impact: An attacker with a privileged network position may capture or
modify data in sessions protected by SSL/TLS
Description: Under certain circumstances, Secure Transport failed to
validate the authenticity of OTR packets. This issue was addressed by
restoring missing validation steps.
CVE-2017-2448: Alex Radocea of Longterm Security, Inc.
Security
Available for: Apple TV (4th generation)
Impact: An application may be able to execute arbitrary code with
root privileges
Description: A buffer overflow was addressed through improved bounds
checking.
CVE-2017-2451: Alex Radocea of Longterm Security, Inc.
Security
Available for: Apple TV (4th generation)
Impact: Processing a maliciously crafted x509 certificate may lead to
arbitrary code execution
Description: A memory corruption issue existed in the parsing of
certificates. This issue was addressed through improved input
validation.
CVE-2017-2485: Aleksandar Nikolic of Cisco Talos
WebKit
Available for: Apple TV (4th generation)
Impact: Processing maliciously crafted web content may exfiltrate
data cross-origin
Description: A prototype access issue was addressed through improved
exception handling.
CVE-2017-2386: André Bargull
WebKit
Available for: Apple TV (4th generation)
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed through
improved input validation.
CVE-2016-9642: Gustavo Grieco
CVE-2017-2394: Apple
CVE-2017-2396: Apple
WebKit
Available for: Apple TV (4th generation)
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed through
improved memory handling.
CVE-2017-2395: Apple
CVE-2017-2454: Ivan Fratric of Google Project Zero
CVE-2017-2455: Ivan Fratric of Google Project Zero
CVE-2017-2459: Ivan Fratric of Google Project Zero
CVE-2017-2460: Ivan Fratric of Google Project Zero
CVE-2017-2464: Jeonghoon Shin, Natalie Silvanovich of Google Project
Zero
CVE-2017-2465: Zheng Huang and Wei Yuan of Baidu Security Lab
CVE-2017-2466: Ivan Fratric of Google Project Zero
CVE-2017-2468: lokihardt of Google Project Zero
CVE-2017-2469: lokihardt of Google Project Zero
CVE-2017-2470: lokihardt of Google Project Zero
CVE-2017-2476: Ivan Fratric of Google Project Zero
CVE-2017-2481: 0011 working with Trend Micro's Zero Day Initiative
WebKit
Available for: Apple TV (4th generation)
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A type confusion issue was addressed through improved
memory handling.
CVE-2017-2415: Kai Kang of Tencent's Xuanwu Lab (tentcent.com)
WebKit
Available for: Apple TV (4th generation)
Impact: Processing maliciously crafted web content may lead to high
memory consumption
Description: An uncontrolled resource consumption issue was addressed
through improved regex processing.
CVE-2016-9643: Gustavo Grieco
WebKit
Available for: Apple TV (4th generation)
Impact: A malicious website may exfiltrate data cross-origin
Description: A validation issue existed in the handling of page
loading. This issue was addressed through improved logic.
CVE-2017-2367: lokihardt of Google Project Zero
WebKit
Available for: Apple TV (4th generation)
Impact: Processing maliciously crafted web content may lead to
universal cross site scripting
Description: A logic issue existed in the handling of frame objects.
This issue was addressed with improved state management.
CVE-2017-2445: lokihardt of Google Project Zero
WebKit
Available for: Apple TV (4th generation)
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A logic issue existed in the handling of strict mode
functions. This issue was addressed with improved state management.
CVE-2017-2446: Natalie Silvanovich of Google Project Zero
WebKit
Available for: Apple TV (4th generation)
Impact: Visiting a maliciously crafted website may compromise user
information
Description: A memory corruption issue was addressed through improved
memory handling.
CVE-2017-2447: Natalie Silvanovich of Google Project Zero
WebKit
Available for: Apple TV (4th generation)
Impact: Processing maliciously crafted web content may lead to
universal cross site scripting
Description: A logic issue existed in frame handling. This issue was
addressed through improved state management.
CVE-2017-2475: lokihardt of Google Project Zero
Installation note:
Apple TV will periodically check for software updates. Alternatively,
you may manually check for software updates by selecting
"Settings -> System -> Software Update -> Update Software.”
To check the current version of software, select
"Settings -> General -> About.”
Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - http://gpgtools.org
iQIcBAEBCgAGBQJY2Yo7AAoJEIOj74w0bLRGpjcQAJKPb3MdrMBsNDx8ys8oYb1W
D+yCQCO/fZigVpBVYqsISzpDyIBmbritZxhGu+IEszYPYI+T89b/zd0VbodBbAQE
czxe+2qj6n1tJLI+AhWAeMlB4m3p8hQbMtzaVpORgcHfFZ0wQw3WSw6YNmVk7R6P
uKwy4S6L/8ETQpWj1AOo63CoVAfY+mSKqwhYfUiZGrAcmsEyVahJdUWcLIfTCKOz
M+HLs09jUOV0X/0HSZyLv2u0WUG0SD3OAgjgovihTEtSzBAPxbsXO4AryPGGsiJH
Fu6ypIKn7ZXL4os7bSxjwAxAvAlAGqDQh1eriX/FGK6swoyxCFm7hG4oVhucZq/y
lw9uAMZFzg/Kfwv9YfqqdDIub8ZpiswyALriWTkjA0Qnnv1ze8F11+/vByI7BgIq
wLvZ7yiwjt6U7bSNAaiX9i7504kiYhyweWKypmj2L4Z+31214Yn/xLIz9Lybo1bR
nmihZo3tX+INMOU03H+E3URVNmBXeex0nvF93fEENwro47EkGBtRARGk3kEzJs4k
5vmbDwguwESAZagxafwdEZRoz/iIELfZD5+UZ3Zbdfj44jtmobBE01l9ae+7/R/3
gD8JrQLPky2OC/uFy7VJAPGmktcXFZTlfvYMAWo9hdJ0Bx7rkQtL38PIHRHouuTQ
8I5xY9dTm0EnK950KLMK
=/lwZ
-----END PGP SIGNATURE-----
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Security-announce mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden