Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2019.0990 APPLE-SA-2019-3-25-2 macOS Mojave 10.14.4 26 March 2019 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Mojave Publisher: Apple Operating System: Mac OS Impact/Access: Root Compromise -- Remote with User Interaction Execute Arbitrary Code/Commands -- Remote with User Interaction Access Privileged Data -- Remote with User Interaction Overwrite Arbitrary Files -- Remote with User Interaction Denial of Service -- Remote with User Interaction Resolution: Patch/Upgrade CVE Names: CVE-2019-8565 CVE-2019-8561 CVE-2019-8555 CVE-2019-8552 CVE-2019-8550 CVE-2019-8549 CVE-2019-8546 CVE-2019-8545 CVE-2019-8542 CVE-2019-8540 CVE-2019-8537 CVE-2019-8533 CVE-2019-8530 CVE-2019-8529 CVE-2019-8527 CVE-2019-8526 CVE-2019-8522 CVE-2019-8521 CVE-2019-8520 CVE-2019-8519 CVE-2019-8517 CVE-2019-8516 CVE-2019-8514 CVE-2019-8513 CVE-2019-8511 CVE-2019-8510 CVE-2019-8508 CVE-2019-8507 CVE-2019-8504 CVE-2019-8502 CVE-2019-7293 CVE-2019-6239 CVE-2019-6237 CVE-2019-6207 CVE-2018-18313 CVE-2018-18311 CVE-2018-12015 Reference: ESB-2019.0987 ESB-2019.0986 Original Bulletin: https://support.apple.com/en-au/HT209600 - --------------------------BEGIN INCLUDED TEXT-------------------- APPLE-SA-2019-3-25-2 macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra are now available and addresses the following: AppleGraphicsControl Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14.3 Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: A buffer overflow was addressed with improved size validation. CVE-2019-8555: Zhiyi Zhang of 360 ESG Codesafe Team, Zhuo Liang and shrek_wzw of Qihoo 360 Nirvan Team Bom Available for: macOS Mojave 10.14.3 Impact: A malicious application may bypass Gatekeeper checks Description: This issue was addressed with improved handling of file metadata. CVE-2019-6239: Ian Moorhouse and Michael Trimm CFString Available for: macOS Mojave 10.14.3 Impact: Processing a maliciously crafted string may lead to a denial of service Description: A validation issue was addressed with improved logic. CVE-2019-8516: SWIPS Team of Frifee Inc. configd Available for: macOS Mojave 10.14.3 Impact: A malicious application may be able to elevate privileges Description: A memory initialization issue was addressed with improved memory handling. CVE-2019-8552: Mohamed Ghannam (@_simo36) Contacts Available for: macOS Mojave 10.14.3 Impact: A malicious application may be able to elevate privileges Description: A buffer overflow issue was addressed with improved memory handling. CVE-2019-8511: an anonymous researcher CoreCrypto Available for: macOS Mojave 10.14.3 Impact: A malicious application may be able to elevate privileges Description: A buffer overflow was addressed with improved bounds checking. CVE-2019-8542: an anonymous researcher DiskArbitration Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14.3 Impact: An encrypted volume may be unmounted and remounted by a different user without prompting for the password Description: A logic issue was addressed with improved state management. CVE-2019-8522: Colin Meginnis (@falc420) FaceTime Available for: macOS Mojave 10.14.3 Impact: A user's video may not be paused in a FaceTime call if they exit the FaceTime app while the call is ringing Description: An issue existed in the pausing of FaceTime video. The issue was resolved with improved logic. CVE-2019-8550: Lauren Guzniczak of Keystone Academy Feedback Assistant Available for: macOS Mojave 10.14.3 Impact: A malicious application may be able to gain root privileges Description: A race condition was addressed with additional validation. CVE-2019-8565: CodeColorist of Ant-Financial LightYear Labs Feedback Assistant Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14.3 Impact: A malicious application may be able to overwrite arbitrary files Description: This issue was addressed with improved checks. CVE-2019-8521: CodeColorist of Ant-Financial LightYear Labs file Available for: macOS Mojave 10.14.3 Impact: Processing a maliciously crafted file might disclose user information Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2019-6237: an anonymous researcher Graphics Drivers Available for: macOS Mojave 10.14.3 Impact: An application may be able to read restricted memory Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2019-8519: Aleksandr Tarasikov (@astarasikov), Juwei Lin (@panicaII) and Junzhi Lu of Trend Micro Research working with Trend Micro's Zero Day Initiative iAP Available for: macOS Mojave 10.14.3 Impact: A malicious application may be able to elevate privileges Description: A buffer overflow was addressed with improved bounds checking. CVE-2019-8542: an anonymous researcher IOGraphics Available for: macOS Mojave 10.14.3 Impact: A Mac may not lock when disconnecting from an external monitor Description: A lock handling issue was addressed with improved lock handling. CVE-2019-8533: an anonymous researcher, James Eagan of Télécom ParisTech, R. Scott Kemp of MIT, Romke van Dijk of Z-CERT IOHIDFamily Available for: macOS Mojave 10.14.3 Impact: A local user may be able to cause unexpected system termination or read kernel memory Description: A memory corruption issue was addressed with improved state management. CVE-2019-8545: Adam Donenfeld (@doadam) of the Zimperium zLabs Team IOKit Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.3 Impact: A local user may be able to read kernel memory Description: A memory initialization issue was addressed with improved memory handling. CVE-2019-8504: an anonymous researcher IOKit SCSI Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.3 Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved input validation. CVE-2019-8529: Juwei Lin (@panicaII) of Trend Micro Kernel Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14.3 Impact: A remote attacker may be able to cause unexpected system termination or corrupt kernel memory Description: A buffer overflow was addressed with improved size validation. CVE-2019-8527: Ned Williamson of Google and derrek (@derrekr6) Kernel Available for: macOS Sierra 10.12.6, macOS Mojave 10.14.3 Impact: Mounting a maliciously crafted NFS network share may lead to arbitrary code execution with system privileges Description: A buffer overflow was addressed with improved bounds checking. CVE-2019-8508: Dr. Silvio Cesare of InfoSect Kernel Available for: macOS Mojave 10.14.3 Impact: An application may be able to gain elevated privileges Description: A logic issue was addressed with improved state management. CVE-2019-8514: Samuel Gross of Google Project Zero Kernel Available for: macOS Sierra 10.12.6, macOS Mojave 10.14.3 Impact: A malicious application may be able to determine kernel memory layout Description: A memory initialization issue was addressed with improved memory handling. CVE-2019-8540: Weibo Wang (@ma1fan) of Qihoo 360 Nirvan Team Kernel Available for: macOS Mojave 10.14.3 Impact: A local user may be able to read kernel memory Description: A memory corruption issue was addressed with improved memory handling. CVE-2019-7293: Ned Williamson of Google Kernel Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14.3 Impact: A malicious application may be able to determine kernel memory layout Description: An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. CVE-2019-6207: Weibo Wang of Qihoo 360 Nirvan Team (@ma1fan) CVE-2019-8510: Stefan Esser of Antid0te UG Messages Available for: macOS Mojave 10.14.3 Impact: A local user may be able to view sensitive user information Description: An access issue was addressed with additional sandbox restrictions. CVE-2019-8546: ChiYuan Chang Notes Available for: macOS Mojave 10.14.3 Impact: A local user may be able to view a user's locked notes Description: An access issue was addressed with improved memory management. CVE-2019-8537: Greg Walker (gregwalker.us) PackageKit Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14.3 Impact: A malicious application may be able to elevate privileges Description: A logic issue was addressed with improved validation. CVE-2019-8561: Jaron Bradley of Crowdstrike Perl Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14.3 Impact: Multiple issues in Perl Description: Multiple issues in Perl were addressed in this update. CVE-2018-12015: Jakub Wilk CVE-2018-18311: Jayakrishna Menon CVE-2018-18313: Eiichi Tsukata Power Management Available for: macOS Mojave 10.14.3 Impact: A malicious application may be able to execute arbitrary code with system privileges Description: Multiple input validation issues existed in MIG generated code. These issues were addressed with improved validation. CVE-2019-8549: Mohamed Ghannam (@_simo36) of SSD Secure Disclosure (ssd-disclosure.com) QuartzCore Available for: macOS Mojave 10.14.3 Impact: Processing malicious data may lead to unexpected application termination Description: Multiple memory corruption issues were addressed with improved input validation. CVE-2019-8507: Kai Lu or Fortinet's FortiGuard Labs Security Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14.3 Impact: An application may be able to gain elevated privileges Description: A use after free issue was addressed with improved memory management. CVE-2019-8526: Linus Henze (pinauten.de) Security Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14.3 Impact: A malicious application may be able to read restricted memory Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2019-8520: Antonio Groza, The UK's National Cyber Security Centre (NCSC) Siri Available for: macOS Mojave 10.14.3 Impact: A malicious application may be able to initiate a Dictation request without user authorization Description: An API issue existed in the handling of dictation requests. This issue was addressed with improved validation. CVE-2019-8502: Luke Deshotels of North Carolina State University, Jordan Beichler of North Carolina State University, William Enck of North Carolina State University, Costin Carabae of University POLITEHNICA of Bucharest, and Razvan Deaconescu of University POLITEHNICA of Bucharest Time Machine Available for: macOS Sierra 10.12.6, macOS High Sierra 10.13.6, macOS Mojave 10.14.3 Impact: A local user may be able to execute arbitrary shell commands Description: This issue was addressed with improved checks. CVE-2019-8513: CodeColorist of Ant-Financial LightYear Labs TrueTypeScaler Available for: macOS Mojave 10.14.3 Impact: Processing a maliciously crafted font may result in the disclosure of process memory Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2019-8517: riusksk of VulWar Corp working with Trend Micro Zero Day Initiative XPC Available for: macOS Sierra 10.12.6, macOS Mojave 10.14.3 Impact: A malicious application may be able to overwrite arbitrary files Description: This issue was addressed with improved checks. CVE-2019-8530: CodeColorist of Ant-Financial LightYear Labs Additional recognition Accounts We would like to acknowledge Milan Stute of Secure Mobile Networking Lab at Technische University Darmstadt for their assistance. Books We would like to acknowledge Yiait Can YILMAZ (@yilmazcanyigit) for their assistance. Kernel We would like to acknowledge Brandon Azad of Google Project Zero for their assistance. Mail We would like to acknowledge Craig Young of Tripwire VERT and Hanno Back for their assistance. Time Machine We would like to acknowledge CodeColorist of Ant-Financial LightYear Labs for their assistance. Installation note: macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra may be obtained from the Mac App Store or Apple's Software Downloads web site: https://support.apple.com/downloads/ Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBXJmutWaOgq3Tt24GAQh83w/9EZtw/7Z8kBd+upId+1+yMExaeELabhox wSYN8OBCDcvzic15PkgbUcF8d1CqdJaRsubJhnFpz3QV5VenFmm3iZFnZYq7MmbU Y0q/JNBpI/y4fQDFKDYYfpS/Crukvrl/66Yzdeu48tkAv9y7W7EZINNzno3oUJNv gtLSYofkHsW00FYg7DoXnQS80puGdsFbfiFSCnVKvxpiqm5zUTVCFc/g9xo4qQhY ovgA1MBVyW2g165CJ4BZCbEX1KLL6rGrOOw9pgbplChOK1wVy102c4jPTyihATxK 0zp2ReMwXAn7UBmwDYMazZ0O7JE43FXK0iRS+Gm0FAK4mVsyaOzjJVvVmsOVHz2T PQ2KJvXgVxDl4Iw6o0dnWghcBApCjK0BhJs2T0WJDQtdHzrkCbZFC6ZS1Po+nUNA NTYELdFQCAxhswkAmNbABz5RnO0GjHTrMIvpwUDTEbvyl3uzqQuHb+8k6+81CcIn AOxIlz1lSlmeyGpAbrv7dShmD9GYgmRlQbc8RqP28rtip1oKRbNnrqB0soFiZsri BtcXPdPCSD17LWuFDEuHKIjlMGULcon4yuRHhYrbkkVJy/Rvh97bMDiuhCFbbcij GOy7QdEgRGBlMgS/a+M/zM/KTIyZb2LZ6TxbcHY1xiKfmE0ugNSNaHJYMpH8FZEO uC7zx3Ep4Y0= =yrlD -----END PGP SIGNATURE-----