
SANS ISC: Apple Security Updates - SANS Internet Storm Center SANS ISC InfoSec Forums


Apple Security Updates

Summary (MacOS, iOS, tvOS, watchOS)

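| Component | CVE | MacOS/OS X | iOS | watchOS | tvOS |
|---|---|---|---|---|---|
| Kernel | CVE-2018-8897 | X | | | |
| ATS | CVE-2018-4219 | X | | | |
| WebKit | CVE-2018-4188 | X | X | | X |
| Siri Contacts | CVE-2018-4244 | | X | | |
| Accessibility Framework | CVE-2018-4196 | X | | | |
| Security | CVE-2018-4221 | X | X | | |
| Kernel | CVE-2018-4243 | X | X | X | X |
| WebKit | CVE-2018-4204 | X | X | | X |
| AMD | CVE-2018-4253 | X | | | |
| UIKit | CVE-2018-4198 | X | X | X | X |
| WebKit | CVE-2018-4222 | X | X | X | X |
| WebKit | CVE-2018-4192 | X | X | X | X |
| Graphics Drivers | CVE-2018-4159 | X | | | |
| WebKit | CVE-2018-4200 | X | | | X |
| IOHIDFamily | CVE-2018-4234 | X | | | |
| Hypervisor | CVE-2018-4242 | X | | | |
| Messages | CVE-2018-4235 | X | X | X | X |
| libxpc | CVE-2018-4237 | X | X | X | X |
| WebKit | CVE-2018-4232 | X | X | | X |
| Security | CVE-2018-4224 | X | X | X | X |
| Bluetooth | CVE-2018-4171 | X | | | |
| Magnifier | CVE-2018-4239 | | X | | |
| Mail | CVE-2018-4227 | X | X | | |
| iBooks | CVE-2018-4202 | X | X | | |
| Intel Graphics Driver | CVE-2018-4141 | X | | | |
| WebKit | CVE-2018-4218 | X | X | X | X |
| Crash Reporter | CVE-2018-4206 | | | X | X |
| NVIDIA Graphics Drivers | CVE-2018-4230 | X | | | |
| WebKit | CVE-2018-4233 | X | X | X | X |
| WebKit | CVE-2018-4190 | X | X | | X |
| IOGraphics | CVE-2018-4236 | X | | | |
| Contacts | CVE-2018-4100 | | X | | |
| Kernel | CVE-2018-4249 | X | X | X | X |
| Security | CVE-2018-4223 | X | X | X | X |
| IOFireWireAVC | CVE-2018-4228 | X | | | |
| Firmware | CVE-2018-4251 | X | | | |
| Safari | CVE-2018-4247 | X | X | | |
| Speech | CVE-2018-4184 | X | | | |
| Windows Server | CVE-2018-4193 | X | | | |
| Messages | CVE-2018-4250 | | X | | |
| WebKit | CVE-2018-4199 | X | X | | X |
| Bluetooth | CVE-2018-4215 | | X | | |
| apache_mod_php | CVE-2018-7584 | X | | | |
| WebKit | CVE-2018-4201 | X | X | X | X |
| WebKit | CVE-2018-4246 | X | X | X | X |
| Security | CVE-2018-4226 | X | X | X | |
| Security | CVE-2018-4225 | X | X | X | |
| FontParser | CVE-2018-4211 | X | X | X | X |
| Siri | CVE-2018-4252 | | X | | |
| Kernel | CVE-2018-4241 | X | X | X | X |
| Messages | CVE-2018-4240 | X | X | X | X |
| Siri | CVE-2018-4238 | | X | | |
| Grand Central Dispatch | CVE-2018-4229 | X | | | |
| WebKit | CVE-2018-4214 | X | X | X | X |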

MacOS / OS X

| Component | 10.13 (High Sierra) | 10.12 (Sierra) | 10.11 (El Capitan) | Impact | Details | CVE |
|---|---|---|---|---|---|---|
| Accessibility Framework | x | | | A malicious application may be able to execute arbitrary code with system privileges | An information disclosure issue existed in Accessibility Framework. This issue was addressed with improved memory management. | CVE-2018-4196 |
| AMD | x | | | A local user may be able to read kernel memory | An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. | CVE-2018-4253 |
| apache_mod_php | x | | | Issues in php were addressed in this update | This issue was addressed by updating to php version 7.1.16. | CVE-2018-7584 |
| ATS | x | | | A malicious application may be able to elevate privileges | A type confusion issue was addressed with improved memory handling. | CVE-2018-4219 |
| Bluetooth | | x | x | A malicious application may be able to determine kernel memory layout. | An information disclosure issue existed in device properties. This issue was addressed with improved object management. | CVE-2018-4171 |
| Firmware | x | | | A malicious application with root privileges may be able to modify the EFI flash memory region | A device configuration issue was addressed with an updated configuration. | CVE-2018-4251 |
| FontParser | x | x | x | Processing a maliciously crafted font file may lead to arbitrary code execution | A memory corruption issue was addressed with improved validation. | CVE-2018-4211 |
| Grand Central Dispatch | x | | | A sandboxed process may be able to circumvent sandbox restrictions | An issue existed in parsing entitlement plists. This issue was addressed with improved input validation. | CVE-2018-4229 |
| Graphics Drivers | x | x | x | An application may be able to read restricted memory | A validation issue was addressed with improved input sanitization. | CVE-2018-4159 |
| Hypervisor | x | | | An application may be able to execute arbitrary code with kernel privileges | A memory corruption vulnerability was addressed with improved locking. | CVE-2018-4242 |
| iBooks | x | | | An attacker in a privileged network position may be able to spoof password prompts in iBooks | An input validation issue was addressed with improved input validation. | CVE-2018-4202 |
| Intel Graphics Driver | x | | | An application may be able to read restricted memory | A validation issue was addressed with improved input sanitization. | CVE-2018-4141 |
| IOFireWireAVC | x | | | An application may be able to execute arbitrary code with kernel privileges | A race condition was addressed with improved locking. | CVE-2018-4228 |
| IOGraphics | x | | | An application may be able to execute arbitrary code with kernel privileges | A memory corruption issue was addressed with improved memory handling. | CVE-2018-4236 |
| IOHIDFamily | x | | | An application may be able to execute arbitrary code with kernel privileges | A memory corruption issue was addressed with improved memory handling. | CVE-2018-4234 |
| Kernel | x | x | x | An attacker in a privileged position may be able to perform a denial of service attack | A denial of service issue was addressed with improved validation. | CVE-2018-4249 |
| Kernel | | x | x | A malicious application may be able to execute arbitrary code with kernel privileges | In some circumstances, some operating systems may not expect or properly handle an Intel architecture debug exception after certain instructions. The issue appears to be from an undocumented side effect of the instructions. An attacker might utilize this exception handling to gain access to Ring 0 and access sensitive memory or control operating system processes. | CVE-2018-8897 |
| Kernel | x | | | An application may be able to execute arbitrary code with kernel privileges | A buffer overflow was addressed with improved bounds checking. | CVE-2018-4241, CVE-2018-4243 |
| libxpc | x | | | An application may be able to gain elevated privileges | A logic issue was addressed with improved validation. | CVE-2018-4237 |
| Mail | x | | | | An issue existed in the handling of encrypted Mail. This issue was addressed with improved isolation of MIME in Mail. | CVE-2018-4227 |
| Messages | x | | | A local user may be able to conduct impersonation attacks | An injection issue was addressed with improved input validation. | CVE-2018-4235 |
| Messages | x | | | Processing a maliciously crafted message may lead to a denial of service | This issue was addressed with improved message validation. | CVE-2018-4240 |
| NVIDIA Graphics Drivers | x | | | An application may be able to execute arbitrary code with kernel privileges | A race condition was addressed with improved locking. | CVE-2018-4230 |
| Security | x | | | Users may be tracked by malicious websites using client certificates | An issue existed in the handling of S-MIME certificates. This issue was addressed with improved validation of S-MIME certificates. | CVE-2018-4221 |
| Security | x | | | A local user may be able to read a persistent account identifier | An authorization issue was addressed with improved state management. | CVE-2018-4223 |
| Security | x | | | A local user may be able to read a persistent device identifier | An authorization issue was addressed with improved state management. | CVE-2018-4224 |
| Security | x | | | A local user may be able to modify the state of the Keychain | An authorization issue was addressed with improved state management. | CVE-2018-4225 |
| Security | x | | | A local user may be able to view sensitive user information | An authorization issue was addressed with improved state management. | CVE-2018-4226 |
| Speech | x | | | A sandboxed process may be able to circumvent sandbox restrictions | A sandbox issue existed in the handling of microphone access. This issue was addressed with improved handling of microphone access. | CVE-2018-4184 |
| UIKit | x | | | Processing a maliciously crafted text file may lead to a denial of service | A validation issue existed in the handling of text. This issue was addressed with improved validation of text. | CVE-2018-4198 |
| Windows Server | x | | | An application may be able to execute arbitrary code with system privileges | A memory corruption issue was addressed with improved memory handling. | CVE-2018-4193 |

iOS

| Component | Impact | Details | CVE |
|---|---|---|---|
| Bluetooth | A malicious application may be able to elevate privileges | A buffer overflow was addressed with improved size validation. | CVE-2018-4215 |
| Contacts | Processing a maliciously crafted vcf file may lead to a denial of service | A validation issue existed in the handling of phone numbers. This issue was addressed with improved validation of phone numbers. | CVE-2018-4100 |
| FontParser | Processing a maliciously crafted font file may lead to arbitrary code execution | A memory corruption issue was addressed with improved validation. | CVE-2018-4211 |
| iBooks | An attacker in a privileged network position may be able to spoof password prompts in iBooks | An input validation issue was addressed with improved input validation. | CVE-2018-4202 |
| Kernel | An application may be able to execute arbitrary code with kernel privileges | A buffer overflow was addressed with improved bounds checking. | CVE-2018-4241, CVE-2018-4243 |
| Kernel | An application may be able to execute arbitrary code with kernel privileges | A memory corruption issue was addressed with improved memory handling. | CVE-2018-4249 |
| libxpc | An application may be able to gain elevated privileges | A logic issue was addressed with improved validation. | CVE-2018-4237 |
| Magnifier | A person with physical access to an iOS device may be able to view the last image used in Magnifier from the lockscreen | A permissions issue existed in Magnifier. This was addressed with additional permission checks. | CVE-2018-4239 |
| Mail | E-Fail Vulnerability | An issue existed in the handling of encrypted Mail. This issue was addressed with improved isolation of MIME in Mail. | CVE-2018-4227 |
| Messages | A local user may be able to conduct impersonation attacks | An injection issue was addressed with improved input validation. | CVE-2018-4235 |
| Messages | Processing a maliciously crafted message may lead to a denial of service | This issue was addressed with improved message validation. | CVE-2018-4240, CVE-2018-4250 |
| Safari | A malicious website may be able to cause a denial of service | A denial of service issue was addressed with improved validation. | CVE-2018-4247 |
| Security | Users may be tracked by malicious websites using client certificates | An issue existed in the handling of S-MIME certificates. This issue was addressed with improved validation of S-MIME certificates. | CVE-2018-4221 |
| Security | A local user may be able to read a persistent account identifier | An authorization issue was addressed with improved state management. | CVE-2018-4223 |
| Security | A local user may be able to read a persistent device identifier | An authorization issue was addressed with improved state management. | CVE-2018-4224 |
| Security | A local user may be able to modify the state of the Keychain | An authorization issue was addressed with improved state management. | CVE-2018-4225 |
| Security | A local user may be able to view sensitive user information | An authorization issue was addressed with improved state management. | CVE-2018-4226 |
| Siri | A person with physical access to an iOS device may be able to enable Siri from the lock screen | An issue existed with Siri permissions. This was addressed with improved permission checking. | CVE-2018-4238 |
| Siri | A person with physical access to an iOS device may be able to use Siri to read notifications of content that is set not to be displayed at the lock screen | An issue existed with Siri permissions. This was addressed with improved permission checking. | CVE-2018-4252 |
| Siri Contacts | An attacker with physical access to a device may be able to see private contact information | An issue existed with Siri permissions. This was addressed with improved permission checking. | CVE-2018-4244 |
| UIKit | Processing a maliciously crafted text file may lead to a denial of service | A validation issue existed in the handling of text. This issue was addressed with improved validation of text. | CVE-2018-4198 |
| WebKit | Visiting a malicious website may lead to address bar spoofing | An inconsistent user interface issue was addressed with improved state management. | CVE-2018-4188 |
| WebKit | Processing maliciously crafted web content may lead to arbitrary code execution | Multiple memory corruption issues were addressed with improved memory handling. | CVE-2018-4201, CVE-2018-4218, CVE-2018-4233 |
| WebKit | Processing maliciously crafted web content may lead to arbitrary code execution | A buffer overflow issue was addressed with improved memory handling. | CVE-2018-4199 |
| WebKit | Visiting a maliciously crafted website may lead to cookies being overwritten | A permissions issue existed in the handling of web browser cookies. This issue was addressed with improved restrictions. | CVE-2018-4232 |
| WebKit | Processing maliciously crafted web content may lead to arbitrary code execution | A race condition was addressed with improved locking. | CVE-2018-4192 |
| WebKit | Processing maliciously crafted web content may lead to an unexpected Safari crash | A memory corruption issue was addressed with improved input validation. | CVE-2018-4214 |
| WebKit | Processing maliciously crafted web content may lead to arbitrary code execution | A memory corruption issue was addressed with improved memory handling. | CVE-2018-4204 |
| WebKit | Processing maliciously crafted web content may lead to arbitrary code execution | A type confusion issue was addressed with improved memory handling. | CVE-2018-4246 |
| WebKit | Visiting a maliciously crafted website may leak sensitive data | Credentials were unexpectedly sent when fetching CSS mask images. This was addressed by using a CORS-enabled fetch method. | CVE-2018-4190 |
| WebKit | Processing maliciously crafted web content may lead to arbitrary code execution | An out-of-bounds read was addressed with improved input validation. | CVE-2018-4222 |

Apple Watch

| Component | Model | Impact | Details | CVE |
|---|---|---|---|---|
| Crash Reporter | All Apple Watch models | An application may be able to gain elevated privileges | A memory corruption issue was addressed with improved error handling. | CVE-2018-4206 |
| FontParser | All Apple Watch models | Processing a maliciously crafted font file may lead to arbitrary code execution | A memory corruption issue was addressed with improved validation. | CVE-2018-4211 |
| Kernel | All Apple Watch models | An application may be able to execute arbitrary code with kernel privileges | A buffer overflow was addressed with improved bounds checking. | CVE-2018-4241, CVE-2018-4243 |
| Kernel | All Apple Watch models | An application may be able to execute arbitrary code with kernel privileges | A memory corruption issue was addressed with improved memory handling. | CVE-2018-4249 |
| libxpc | All Apple Watch models | An application may be able to gain elevated privileges | A logic issue was addressed with improved validation. | CVE-2018-4237 |
| Messages | All Apple Watch models | A local user may be able to conduct impersonation attacks | An injection issue was addressed with improved input validation. | CVE-2018-4235 |
| Messages | All Apple Watch models | Processing a maliciously crafted message may lead to a denial of service | This issue was addressed with improved message validation. | CVE-2018-4240 |
| Security | All Apple Watch models | A local user may be able to read a persistent device identifier | An authorization issue was addressed with improved state management. | CVE-2018-4224 |
| Security | All Apple Watch models | A local user may be able to modify the state of the Keychain | An authorization issue was addressed with improved state management. | CVE-2018-4225 |
| Security | All Apple Watch models | A local user may be able to read a persistent account identifier | An authorization issue was addressed with improved state management. | CVE-2018-4223 |
| Security | All Apple Watch models | A local user may be able to view sensitive user information | An authorization issue was addressed with improved state management. | CVE-2018-4226 |
| UIKit | All Apple Watch models | Processing a maliciously crafted text file may lead to a denial of service | A validation issue existed in the handling of text. This issue was addressed with improved validation of text. | CVE-2018-4198 |
| WebKit | All Apple Watch models | Processing maliciously crafted web content may lead to arbitrary code execution | A race condition was addressed with improved locking. | CVE-2018-4192 |
| WebKit | All Apple Watch models | Processing maliciously crafted web content may lead to an unexpected Safari crash | A memory corruption issue was addressed with improved input validation. | CVE-2018-4214 |
| WebKit | All Apple Watch models | Processing maliciously crafted web content may lead to arbitrary code execution | A type confusion issue was addressed with improved memory handling. | CVE-2018-4246 |
| WebKit | All Apple Watch models | Processing maliciously crafted web content may lead to arbitrary code execution | Multiple memory corruption issues were addressed with improved memory handling. | CVE-2018-4201, CVE-2018-4218, CVE-2018-4233 |
| WebKit | All Apple Watch models | Processing maliciously crafted web content may lead to arbitrary code execution | An out-of-bounds read was addressed with improved input validation. | CVE-2018-4222 |

 

---
Johannes B. Ullrich, Ph.D., Dean of Research, SANS Technology Institute