Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2018.0239 Multiple vulnerabilities have been identified in Apple tvOS 24 January 2018 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Apple tvOS Publisher: Apple Operating System: Apple iOS Impact/Access: Root Compromise -- Existing Account Execute Arbitrary Code/Commands -- Remote with User Interaction Access Privileged Data -- Existing Account Provide Misleading Information -- Remote with User Interaction Resolution: Patch/Upgrade CVE Names: CVE-2018-4096 CVE-2018-4095 CVE-2018-4094 CVE-2018-4093 CVE-2018-4092 CVE-2018-4090 CVE-2018-4089 CVE-2018-4088 CVE-2018-4087 CVE-2018-4086 CVE-2018-4085 CVE-2018-4082 Reference: ESB-2018.0236 Original Bulletin: https://support.apple.com/en-au/HT208462 - --------------------------BEGIN INCLUDED TEXT-------------------- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2018-1-23-4 tvOS 11.2.5 tvOS 11.2.5 is now available and addresses the following: Audio Available for: Apple TV 4K and Apple TV (4th generation) Impact: Processing a maliciously crafted audio file may lead to arbitrary code execution Description: A memory corruption issue was addressed through improved input validation. CVE-2018-4094: Mingi Cho, MinSik Shin, Seoyoung Kim, Yeongho Lee and Taekyoung Kwon of the Information Security Lab, Yonsei University Core Bluetooth Available for: Apple TV 4K and Apple TV (4th generation) Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2018-4087: Rani Idan (@raniXCH) of Zimperium zLabs Team CVE-2018-4095: Rani Idan (@raniXCH) of Zimperium zLabs Team Kernel Available for: Apple TV 4K and Apple TV (4th generation) Impact: An application may be able to read restricted memory Description: A memory initialization issue was addressed through improved memory handling. CVE-2018-4090: Jann Horn of Google Project Zero Kernel Available for: Apple TV 4K and Apple TV (4th generation) Impact: An application may be able to read restricted memory Description: A race condition was addressed through improved locking. CVE-2018-4092: an anonymous researcher Kernel Available for: Apple TV 4K and Apple TV (4th generation) Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed through improved input validation. CVE-2018-4082: Russ Cox of Google Kernel Available for: Apple TV 4K and Apple TV (4th generation) Impact: An application may be able to read restricted memory Description: A validation issue was addressed with improved input sanitization. CVE-2018-4093: Jann Horn of Google Project Zero QuartzCore Available for: Apple TV 4K and Apple TV (4th generation) Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A memory corruption issue existed in the processing of web content. This issue was addressed through improved input validation. CVE-2018-4085: Ret2 Systems Inc. working with Trend Micro's Zero Day Initiative Security Available for: Apple TV 4K and Apple TV (4th generation) Impact: A certificate may have name constraints applied incorrectly Description: A certificate evaluation issue existed in the handling of name constraints. This issue was addressed through improved trust evaluation of certificates. CVE-2018-4086: Ian Haken of Netflix WebKit Available for: Apple TV 4K and Apple TV (4th generation) Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2018-4088: Jeonghoon Shin of Theori CVE-2018-4089: Ivan Fratric of Google Project Zero CVE-2018-4096: found by OSS-Fuzz Installation note: Apple TV will periodically check for software updates. Alternatively, you may manually check for software updates by selecting "Settings -> System -> Software Update -> Update Software." To check the current version of software, select "Settings -> General -> About." Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ - -----BEGIN PGP SIGNATURE----- iQJdBAEBCgBHFiEEcuX4rtoRe4X62yWlg6PvjDRstEYFAlpng7kpHHByb2R1Y3Qt c2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQg6PvjDRstEZBpxAA prOFNgYdkVj5Qho+Ppw6U/d4xQZKS614VPoD5cfOXR4SxOeDL00LxUkAwMLtIgJm uZI54DR7zaixBoR8Yms4GN2//TgBjG50wvfpuMQiSDP8LZ4WPcHYI/faDFH43yf7 rLDYYSXv8olAZU6w+sM858zuPjx/C5lqykDIOCPiFIZMY1XpLNhcaEyw0jhUYlYm t+KLLNyeXAmBRus/rB2WJk8vRYYwBm3Fz2VyKjUVpvc56ZfezmJTT9sfO/2Hbzaw stduwdsvhGUUpiK/D866xHniJMngTQjOChIjNiP8RG/BaYG/iKejgaVjdOb7ZUsJ vLbu6ctvg1UOMUHrfIotWOMI3LdJbTbTpjS9kCkLBj+ZO7jE+CKibflph7BDt0ND Cafdg34DGu2K3bcCL+CMzscWocw0hPkyYWsxuHatJVuXBEfXfFuzioGzU4FHEeDC tyRH6Fs+divJ23KEssbcieBP2JeA43j/ORjmigZYnAXb4Myge/NT/3eLzrJ9rfbP J6QyVU6Zv7jzXdxKdzTMPqNH3RFRhK4ukeHUq9S57Oh6oICAXA6mWCJnlLEB0kST qSunhULsrufCNVJ4KcfOWz5A0wYijbrylmsCSctaHrJs1nkdaZzNTwUZ/IYHP5Le qApCYj3ugwMg/wpWdqtOYaMYiwglfIxv9xcwpqetH5o= =7nmT - -----END PGP SIGNATURE----- - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBWmfRtYx+lLeg9Ub1AQgxvQ//TWXmkVNLlze3xzqEsBYkkveZN6wZVdoS SVWBfeeV5XtWpfEU6/4AzewyjlZPEq0SXJ9wST57rOP2lyKAOMuufR+zCYq9aRQC TkJZArZC7JlL3tILUIUj9QhlDqldLELAp8L2yRuV2s6hs6ndYqpx63VnNy8gKz9Z fZkvgGnuWewu7Py44D1bkRrYGymLExbDmMZgQTSDa48LAMglrgcOhJGFBd9o6snJ 0zSc7Au6OWeD6nwAWCQczCGV1kpMgowtAf2EntuDWDx+evEYhFb4bqsMl6+y9fF9 bpqYOVJyt+hf3jCG9xkm/3VDJAEbWWk+xsFDCc+ycMotuptwCucvW1D/RHUg4mbS YhCcw4qz4AgebPIWMS89oEoOfJH34t85k1jxxga+n9Jz7i6CkXDimwiyJW/0ArAq pryWrYKKHepSF3X2Po3IQyJTha/0IDYKBqPTENvkoQmTROUKIYviA7IuJMYm82N+ 0QENdEmVerS/CsSErCSUSjJvMckHehDjGcKjdZ2aO4HN99zE0b53iPSwD9o9jXeU w0q0om63jWm3bBXgSB+QlOqBnkO5D463yoYF5D7SHbvtDWbaiVuJ5nITi+rNhyn2 sdM6yym3zJC+s+FMRZtkYcuQ+m+HLmQkNbO9x3M9UaVSq/f0hvTU57xZWObgPbko pLaIrHBRdb4= =MZTk -----END PGP SIGNATURE-----