-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2018.0965
                                  tvOS 11.3
                                 3 April 2018

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           tvOS
Publisher:         Apple
Operating System:  Apple iOS
Impact/Access:     Root Compromise           -- Remote with User Interaction
                   Increased Privileges      -- Remote with User Interaction
                   Access Privileged Data    -- Remote with User Interaction
                   Denial of Service         -- Remote with User Interaction
                   Access Confidential Data  -- Existing Account
Resolution:        Patch/Upgrade
CVE Names:         CVE-2018-4167 CVE-2018-4166 CVE-2018-4165 CVE-2018-4163
                   CVE-2018-4162 CVE-2018-4161 CVE-2018-4157 CVE-2018-4155
                   CVE-2018-4150 CVE-2018-4146 CVE-2018-4144 CVE-2018-4143
                   CVE-2018-4142 CVE-2018-4130 CVE-2018-4129 CVE-2018-4128
                   CVE-2018-4127 CVE-2018-4125 CVE-2018-4122 CVE-2018-4121
                   CVE-2018-4120 CVE-2018-4119 CVE-2018-4118 CVE-2018-4115
                   CVE-2018-4114 CVE-2018-4113 CVE-2018-4104 CVE-2018-4101
Reference:         ESB-2018.0964
                   ESB-2018.0963

Original Bulletin:
   https://support.apple.com/en-au/HT208698

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

APPLE-SA-2018-3-29-3 tvOS 11.3

tvOS 11.3 is now available and addresses the following:

CoreFoundation
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: An application may be able to gain elevated privileges
Description: A race condition was addressed with additional validation.
CVE-2018-4155: Samuel Groß (@5aelo)

CoreText
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: Processing a maliciously crafted string may lead to a denial of
service
Description: A denial of service issue was addressed through improved
memory handling.
CVE-2018-4142: Robin Leroy of Google Switzerland GmbH

File System Events
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: An application may be able to gain elevated privileges
Description: A race condition was addressed with additional validation.
CVE-2018-4167: Samuel Groß (@5aelo)

Kernel
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: A malicious application may be able to execute arbitrary code
with kernel privileges
Description: Multiple memory corruption issues were addressed with
improved memory handling.
CVE-2018-4150: an anonymous researcher

Kernel
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: An application may be able to read restricted memory
Description: A validation issue was addressed with improved input
sanitization.
CVE-2018-4104: The UK's National Cyber Security Centre (NCSC)

Kernel
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2018-4143: derrek (@derrekr6)

NSURLSession
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: An application may be able to gain elevated privileges
Description: A race condition was addressed with additional validation.
CVE-2018-4166: Samuel Groß (@5aelo)

Quick Look
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: An application may be able to gain elevated privileges
Description: A race condition was addressed with additional validation.
CVE-2018-4157: Samuel Groß (@5aelo)

Security
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: A malicious application may be able to elevate privileges
Description: A buffer overflow was addressed with improved size
validation.
CVE-2018-4144: Abraham Masri (@cheesecakeufo)

System Preferences
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: A configuration profile may incorrectly remain in effect after
removal
Description: An issue existed in CFPreferences. This issue was
addressed through improved preferences cleanup.
CVE-2018-4115: Johann Thalakada, Vladimir Zubkov, and Matt Vlasach of
Wandera

WebKit
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: Unexpected interaction with indexing types causing an ASSERT
failure
Description: An array indexing issue existed in the handling of a
function in javascript core. This issue was addressed through improved
checks.
CVE-2018-4113: found by OSS-Fuzz

WebKit
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: Processing maliciously crafted web content may lead to a denial
of service
Description: A memory corruption issue was addressed through improved
input validation.
CVE-2018-4146: found by OSS-Fuzz

WebKit
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed with
improved memory handling.
CVE-2018-4101: Yuan Deng of Ant-financial Light-Year Security Lab
CVE-2018-4114: found by OSS-Fuzz
CVE-2018-4118: Jun Kokatsu (@shhnjk)
CVE-2018-4119: an anonymous researcher working with Trend Micro's Zero
Day Initiative
CVE-2018-4120: Hanming Zhang (@4shitak4) of Qihoo 360 Vulcan Team
CVE-2018-4121: Natalie Silvanovich of Google Project Zero
CVE-2018-4122: WanderingGlitch of Trend Micro's Zero Day Initiative
CVE-2018-4125: WanderingGlitch of Trend Micro's Zero Day Initiative
CVE-2018-4127: an anonymous researcher working with Trend Micro's Zero
Day Initiative
CVE-2018-4128: Zach Markley
CVE-2018-4129: likemeng of Baidu Security Lab working with Trend
Micro's Zero Day Initiative
CVE-2018-4130: Omair working with Trend Micro's Zero Day Initiative
CVE-2018-4161: WanderingGlitch of Trend Micro's Zero Day Initiative
CVE-2018-4162: WanderingGlitch of Trend Micro's Zero Day Initiative
CVE-2018-4163: WanderingGlitch of Trend Micro's Zero Day Initiative
CVE-2018-4165: Hanming Zhang (@4shitak4) of Qihoo 360 Vulcan Team

Installation note:

Apple TV will periodically check for software updates. Alternatively,
you may manually check for software updates by selecting
"Settings -> System -> Software Update -> Update Software."

To check the current version of software, select
"Settings -> General -> About."
Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222

This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/

- -----BEGIN PGP SIGNATURE-----

iQJdBAEBCgBHFiEEcuX4rtoRe4X62yWlg6PvjDRstEYFAlq9GlwpHHByb2R1Y3Qt
c2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQg6PvjDRstEZZFxAA
y83tGHgdOMiUzTJ9w6jeb3ZsCsWehnJx4DrcBpcooPFijU69eBgbrM5d7BaN7jPZ
rttzw3P5nm74c0V5SBI3rAHdPz0aK6uvci2kpHOGGcgpJLpaX5woj2hMmwEmlVwp
q8bfFY1CkLrC69vIs0zu55MS8UFwSGzYUH575mo8kzBj1ieKGlf7BaU4axqSJdkI
Mx5KzRPtUOza/xBU9NWMpOYdrX8mWDpCYXenQ4yPeTjeiFAgqibHEwauXkRoZZ/k
qCZpzSVvPFvwfWRvHdoUC7qINKChDkjh3oD46cGf139jaoOf7L/IebmWIaPMVAqv
BdTQi1mPE5ZK70/DznZfHy69xhFYO+MS53A0RyXZBZtZ7Vn4008rWINYSf/Q/X3m
cStsCvSqZOtGLj0irfI3wyoPBltD3HX7eB2sCO6sJ3IFKOdzBoAL0HBdDP+4GCuU
A2JQafdU2OsOlIYesmRRQicS10eo49By0ezEJ3hubUQWS82AkOtgyFIYurfENyD8
PHu4ajHfp/fNCn3f18I3DTPMro0ekxvvbKXTlVsD6X1rWMCz6toeaMX8pXd3EZPZ
gnADdxpKc0nBFPoR07My7HISTSEDgwRcJdr2Xwf/ZoAxyR9HLIGRhiJFekCZbAsY
PQ3rZOaPjuOvA09T8CN+seOQq/IGEO/VB9LIrBgJNs4=
=KWP9
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to
auscert@auscert.org.au and we will forward your request to the
appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content.
The decision to follow or act on information or advice contained in this
security bulletin is the responsibility of each user or organisation, and
should be considered in accordance with your organisation's site policies
and procedures. AusCERT takes no responsibility for consequences which may
arise from following or acting on information or advice contained in this
security bulletin.

NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBWsMLkox+lLeg9Ub1AQiCwxAAkIwD1Q4Ymxnd2bi+kk/WwaeLowuEIDuD
rP1BQOflLLAKGX0ReHovFyc1SFtBQdY950qJ/Buv9i74GKKMnvqwT6TldQGNN1kJ
tRQpgbjpIOXa2m50p/r621LHW+Fr+Q7io0rP5jZecBRbH8+adJ8f1J8DZef5P16c
cGVSEbK7PzwPOMTj2szvVNiPtYxbQncLNNPoi/WXaG1Hia38PwwxNGJcj557PqkX
zucnJ5yj2/TH3reLZLWDD4ogvnNMAmWOr5fUGfbOJSfN5m9MieUOBqaNr57+lbmr
qNdudIO/ziyZn3B1oqYi2QbwI2p3NrQc1yvQyV6hbd09QWhZCOPH47lw5kKqxSRi
xsBQzlK0EiE4qhUACK4y9Uo4shQPryVbM2fZA9CAQe513p/06q/hh5WqvFOcpV4C
Mi9HETgZ6dXeVI2TPyzHSofdaYN/bCZw4hl4y7u/s0egoR91r/eHHwmjOzfNxOFr
8Y2Isoeo5hW2YK78516GYAZyF6dJUM+nmXMyZ72yPv+tTSTFpD7o2npL+4O8qRUz
g6GdtLP2B39zsPmaCx4G4AGSLgMDTWoUYWpFBJM+gAMGn2dHykUpw1mdLlfx1xYF
kySV5uJYFlA+iR/OPBWfkzN+w8fRUlVEeynYegL2g/uqV5SrzYgnM5K437owlmG1
myhPv/1+1cc=
=Wuc+
-----END PGP SIGNATURE-----
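As an added example that is not part of the bulletin and is neither Apple's nor AusCERT's code, the Python below parses the Apple advisory format redistributed above into per-component records, buckets the CVE ids by the impact class a patch team acts on first, and cross-checks the advisory body against the bulletin's "CVE Names" summary line (the check a reader would want before trusting the summary). The text in ADVISORY is an excerpt constructed from the tvOS 11.3 entries above, SUMMARY_IDS is the matching part of the "CVE Names" line, and all function and field names are this example's own.

```python
"""Parse an Apple security advisory body (the format redistributed above)
into a CVE inventory, bucket entries by impact and cross-check the body
against the bulletin's "CVE Names" summary line. Added example, not
Apple's or AusCERT's code; the names below are this example's own."""
from __future__ import annotations

import re
from dataclasses import dataclass, field

# Excerpt constructed from the tvOS 11.3 entries above. Apple wraps long
# Impact/Description/credit lines, which is what the parser must handle.
ADVISORY = """\
tvOS 11.3 is now available and addresses the following:

CoreFoundation
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: An application may be able to gain elevated privileges
Description: A race condition was addressed with additional validation.
CVE-2018-4155: Samuel Groß (@5aelo)

Kernel
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: A malicious application may be able to execute arbitrary code
with kernel privileges
Description: Multiple memory corruption issues were addressed with
improved memory handling.
CVE-2018-4150: an anonymous researcher

WebKit
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed with
improved memory handling.
CVE-2018-4101: Yuan Deng of Ant-financial Light-Year Security Lab
CVE-2018-4119: an anonymous researcher working with Trend Micro's Zero
Day Initiative
CVE-2018-4121: Natalie Silvanovich of Google Project Zero
"""

# The part of the bulletin's "CVE Names" line that covers the excerpt.
SUMMARY_IDS = ["CVE-2018-4155", "CVE-2018-4150", "CVE-2018-4101",
               "CVE-2018-4119", "CVE-2018-4121"]

FIELD_RE = re.compile(r"^(Available for|Impact|Description):\s*(.*)$")
CVE_RE = re.compile(r"^(CVE-\d{4}-\d{4,}):\s*(.*)$")


@dataclass
class Entry:
    component: str
    available_for: str = ""
    impact: str = ""
    description: str = ""
    cves: list[tuple[str, str]] = field(default_factory=list)  # (id, credit)


def parse_advisory(text: str) -> list[Entry]:
    """Keep blank-line-separated blocks that look like a vulnerability entry
    (component name, then an Available for/Impact/Description field)."""
    entries: list[Entry] = []
    for block in re.split(r"\n\s*\n", text.strip()):
        lines = [ln.strip() for ln in block.splitlines() if ln.strip()]
        if len(lines) < 2 or not FIELD_RE.match(lines[1]):
            continue  # preamble, installation note, signature, ...
        entry, current = Entry(component=lines[0]), None
        for ln in lines[1:]:
            if m := CVE_RE.match(ln):
                entry.cves.append((m.group(1), m.group(2).strip()))
                current = None
            elif m := FIELD_RE.match(ln):
                current = m.group(1).lower().replace(" ", "_")  # attr name
                setattr(entry, current, m.group(2).strip())
            elif current is not None:  # wrapped continuation of a field
                setattr(entry, current, getattr(entry, current) + " " + ln)
            elif entry.cves:  # wrapped continuation of the last credit line
                cve_id, credit = entry.cves[-1]
                entry.cves[-1] = (cve_id, credit + " " + ln)
        entries.append(entry)
    return entries


def triage(entries: list[Entry]) -> dict[str, list[str]]:
    """Bucket CVE ids by the impact class a patch team acts on first."""
    buckets: dict[str, list[str]] = {"kernel_code_execution": [],
        "privilege_escalation": [], "remote_code_execution": [], "other": []}
    for e in entries:
        imp, ids = e.impact.lower(), [cve_id for cve_id, _ in e.cves]
        if "kernel privileges" in imp:
            buckets["kernel_code_execution"] += ids
        elif "elevate" in imp:  # "gain elevated privileges"/"elevate privileges"
            buckets["privilege_escalation"] += ids
        elif "web content" in imp and "arbitrary code execution" in imp:
            buckets["remote_code_execution"] += ids
        else:
            buckets["other"] += ids
    return buckets


def cross_check(summary_ids, entries):
    """(ids in the summary but not the body, ids in the body but not the
    summary); both lists are empty for a consistent bulletin."""
    body = {cve_id for e in entries for cve_id, _ in e.cves}
    return sorted(set(summary_ids) - body), sorted(body - set(summary_ids))
```

Feeding the full included text above to parse_advisory should give 28 CVE ids, the same set as the "CVE Names" line, so cross_check returns two empty lists; a non-empty first list means the redistributor's summary names a CVE the vendor text does not, and a non-empty second list means the summary is incomplete. The triage keys only off Apple's Impact wording, so a new phrasing lands in "other" and should be reviewed by hand rather than silently dropped.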