APPLE-SA-2021-05-25-6 watchOS 7.5
APPLE-SA-2021-05-25-6 watchOS 7.5
- Subject: APPLE-SA-2021-05-25-6 watchOS 7.5
- From: Apple Product Security via Security-announce <email@hidden>
- Date: Tue, 25 May 2021 15:21:56 -0700
- Original-recipient: rfc822;email@hidden
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
APPLE-SA-2021-05-25-6 watchOS 7.5
watchOS 7.5 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT212533.
Audio
Available for: Apple Watch Series 3 and later
Impact: Processing a maliciously crafted audio file may lead to
arbitrary code execution
Description: This issue was addressed with improved checks.
CVE-2021-30707: hjy79425575 working with Trend Micro Zero Day
Initiative
Audio
Available for: Apple Watch Series 3 and later
Impact: Parsing a maliciously crafted audio file may lead to
disclosure of user information
Description: This issue was addressed with improved checks.
CVE-2021-30685: Mickey Jin (@patch1t) of Trend Micro
Core Services
Available for: Apple Watch Series 3 and later
Impact: A malicious application may be able to gain root privileges
Description: A validation issue existed in the handling of symlinks.
This issue was addressed with improved validation of symlinks.
CVE-2021-30681: Zhongcheng Li (CK01)
CoreAudio
Available for: Apple Watch Series 3 and later
Impact: Processing a maliciously crafted audio file may disclose
restricted memory
Description: An out-of-bounds read was addressed with improved bounds
checking.
CVE-2021-30686: Mickey Jin of Trend Micro
Crash Reporter
Available for: Apple Watch Series 3 and later
Impact: A malicious application may be able to modify protected parts
of the file system
Description: A logic issue was addressed with improved state
management.
CVE-2021-30727: Cees Elzinga
CVMS
Available for: Apple Watch Series 3 and later
Impact: A local attacker may be able to elevate their privileges
Description: This issue was addressed with improved checks.
CVE-2021-30724: Mickey Jin (@patch1t) of Trend Micro
Heimdal
Available for: Apple Watch Series 3 and later
Impact: A local user may be able to leak sensitive user information
Description: A logic issue was addressed with improved state
management.
CVE-2021-30697: Gabe Kirkpatrick (@gabe_k)
Heimdal
Available for: Apple Watch Series 3 and later
Impact: A malicious application may cause a denial of service or
potentially disclose memory contents
Description: A memory corruption issue was addressed with improved
state management.
CVE-2021-30710: Gabe Kirkpatrick (@gabe_k)
ImageIO
Available for: Apple Watch Series 3 and later
Impact: Processing a maliciously crafted image may lead to disclosure
of user information
Description: An out-of-bounds read was addressed with improved bounds
checking.
CVE-2021-30687: Hou JingYi (@hjy79425575) of Qihoo 360
ImageIO
Available for: Apple Watch Series 3 and later
Impact: Processing a maliciously crafted image may lead to disclosure
of user information
Description: This issue was addressed with improved checks.
CVE-2021-30700: Ye Zhang(@co0py_Cat) of Baidu Security
ImageIO
Available for: Apple Watch Series 3 and later
Impact: Processing a maliciously crafted image may lead to arbitrary
code execution
Description: This issue was addressed with improved checks.
CVE-2021-30701: Mickey Jin (@patch1t) of Trend Micro and Ye Zhang of
Baidu Security
ImageIO
Available for: Apple Watch Series 3 and later
Impact: Processing a maliciously crafted ASTC file may disclose
memory contents
Description: This issue was addressed with improved checks.
CVE-2021-30705: Ye Zhang of Baidu Security
Kernel
Available for: Apple Watch Series 3 and later
Impact: A malicious application may be able to execute arbitrary code
with kernel privileges
Description: A logic issue was addressed with improved validation.
CVE-2021-30740: Linus Henze (pinauten.de)
Kernel
Available for: Apple Watch Series 3 and later
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A logic issue was addressed with improved state
management.
CVE-2021-30704: an anonymous researcher
Kernel
Available for: Apple Watch Series 3 and later
Impact: Processing a maliciously crafted message may lead to a denial
of service
Description: A logic issue was addressed with improved state
management.
CVE-2021-30715: The UK's National Cyber Security Centre (NCSC)
Kernel
Available for: Apple Watch Series 3 and later
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A buffer overflow was addressed with improved size
validation.
CVE-2021-30736: Ian Beer of Google Project Zero
LaunchServices
Available for: Apple Watch Series 3 and later
Impact: A malicious application may be able to break out of its
sandbox
Description: This issue was addressed with improved environment
sanitization.
CVE-2021-30677: Ron Waisberg (@epsilan)
Security
Available for: Apple Watch Series 3 and later
Impact: Processing a maliciously crafted certificate may lead to
arbitrary code execution
Description: A memory corruption issue in the ASN.1 decoder was
addressed by removing the vulnerable code.
CVE-2021-30737: xerub
WebKit
Available for: Apple Watch Series 3 and later
Impact: Processing maliciously crafted web content may lead to
universal cross site scripting
Description: A cross-origin issue with iframe elements was addressed
with improved tracking of security origins.
CVE-2021-30744: Dan Hite of jsontop
WebKit
Available for: Apple Watch Series 3 and later
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A use after free issue was addressed with improved
memory management.
CVE-2021-21779: Marcin Towalski of Cisco Talos
WebKit
Available for: Apple Watch Series 3 and later
Impact: A malicious application may be able to leak sensitive user
information
Description: A logic issue was addressed with improved restrictions.
CVE-2021-30682: an anonymous researcher and 1lastBr3ath
WebKit
Available for: Apple Watch Series 3 and later
Impact: Processing maliciously crafted web content may lead to
universal cross site scripting
Description: A logic issue was addressed with improved state
management.
CVE-2021-30689: an anonymous researcher
WebKit
Available for: Apple Watch Series 3 and later
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed with
improved memory handling.
CVE-2021-30749: an anonymous researcher and mipu94 of SEFCOM lab,
ASU. working with Trend Micro Zero Day Initiative
CVE-2021-30734: Jack Dates of RET2 Systems, Inc. (@ret2systems)
working with Trend Micro Zero Day Initiative
WebKit
Available for: Apple Watch Series 3 and later
Impact: A malicious website may be able to access restricted ports on
arbitrary servers
Description: A logic issue was addressed with improved restrictions.
CVE-2021-30720: David Schütz (@xdavidhu)
Additional recognition
CommCenter
We would like to acknowledge CHRISTIAN MINA for their assistance.
ImageIO
We would like to acknowledge Jzhu working with Trend Micro Zero Day
Initiative and an anonymous researcher for their assistance.
Mail Drafts
We would like to acknowledge Lauritz Holtmann (@_lauritz_) for their
assistance.
WebKit
We would like to acknowledge Chris Salls (@salls) of Makai Security
for their assistance.
Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEbURczHs1TP07VIfuZcsbuWJ6jjAFAmCtU9IACgkQZcsbuWJ6
jjBl+Q/8DIcv/6S6cTn6VHNie3QxHOf7pMWOQORoc/iaVpu0ucbbrB1c0L0/4FiL
uLcqpt3H2lnr6uThxygLjRFlGEQe4cICFENPtp70a7H4oE5iLA697hc7ZxGIQH0x
OH6F0PkC6Hi27LT/yASRbNEfvI5LWE7X1x+TpxlwsO59/iXWJCgVoiPUxFC51DGs
MgkoXt1q5g0pnOh8YaJq7Wy7zrOpNjizvEaJa28FcJDFxpeLAEfekyd9p5uQXpy/
EiQShotKtmjp2BKaNUyUxnb3vtr026N7O/3RbhUMhCq+I6t2GLe/c91hRPZ30DMQ
f3lTHfco52be8Mgf/vyGZUvtJfhY1H2nM8RmmqnaelJDlcW+sIlWngvter7IOsni
2sl9hniotXZKOrfeh3gT0yvf8NnuMR/0SdsJoUCbK3fGIMsbj48ARhcYNRY4zjME
ym2qgI7pAhiSvfvC1amGg0b9mani/iE2z6V+FJBDk66YaJ0tGdP+v3RxoHifOSS3
CG3nCv8p4PZwfHTu0o3fyG/oq3w2KusKEnu4qJnzovg/bG0O5zJQtgy17cshC1a4
gJVpkhlGXbpvR1PYkltuRnAyydZXcG8sV/rLrq2DFUTMqd/XCDjgLIPdVyMFFus1
Xfd5NPPxKrQsUszHcWowSoZ1QCxfbIm0FtbRrwTDWXrA//NVIH4=
=AG2N
-----END PGP SIGNATURE-----
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Security-announce mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden