Operating System: Mac
Published: 11 December 2019

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2019.4632
         macOS Catalina 10.15.2, Security Update 2019-002 Mojave,
                   Security Update 2019-007 High Sierra
                             11 December 2019

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           Apple macOS Catalina
Publisher:         Apple
Operating System:  Mac OS
Impact/Access:     Root Compromise                 -- Remote with User Interaction
                   Execute Arbitrary Code/Commands -- Remote with User Interaction
                   Denial of Service               -- Remote with User Interaction
                   Access Confidential Data        -- Remote with User Interaction
Resolution:        Patch/Upgrade
CVE Names:         CVE-2019-15903 CVE-2019-15167 CVE-2019-15166
                   CVE-2019-15165 CVE-2019-15164 CVE-2019-15163
                   CVE-2019-15162 CVE-2019-15161 CVE-2019-13565
                   CVE-2019-13057 CVE-2019-8856 CVE-2019-8853
                   CVE-2019-8852 CVE-2019-8848 CVE-2019-8847
                   CVE-2019-8842 CVE-2019-8839 CVE-2019-8838
                   CVE-2019-8837 CVE-2019-8833 CVE-2019-8832
                   CVE-2019-8830 CVE-2019-8828 CVE-2018-16452
                   CVE-2018-16451 CVE-2018-16301 CVE-2018-16300
                   CVE-2018-16230 CVE-2018-16229 CVE-2018-16228
                   CVE-2018-16227 CVE-2018-14882 CVE-2018-14881
                   CVE-2018-14880 CVE-2018-14879 CVE-2018-14470
                   CVE-2018-14469 CVE-2018-14468 CVE-2018-14467
                   CVE-2018-14466 CVE-2018-14465 CVE-2018-14464
                   CVE-2018-14463 CVE-2018-14462 CVE-2018-14461
                   CVE-2018-10105 CVE-2018-10103 CVE-2017-16808
                   CVE-2015-1545 CVE-2013-4449 CVE-2012-2668
                   CVE-2012-1164  

Reference:         ESB-2019.4629
                   ESB-2019.3946
                   ESB-2019.3892
                   ESB-2019.3855
                   ESB-2019.3814.2

Original Bulletin: 
   https://support.apple.com/kb/HT201222

--------------------------BEGIN INCLUDED TEXT--------------------

APPLE-SA-2019-12-10-3 macOS Catalina 10.15.2, Security Update
2019-002 Mojave, Security Update 2019-007 High Sierra

macOS Catalina 10.15.2, Security Update 2019-002 Mojave,
Security Update 2019-007 High Sierra is now available and
addresses the following:

ATS
Available for: macOS Catalina 10.15
Impact: An application may be able to execute arbitrary code with
system privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8837: Csaba Fitzl (@theevilbit)

Bluetooth
Available for: macOS Catalina 10.15
Impact: An application may be able to read restricted memory
Description: A validation issue was addressed with improved input
sanitization.
CVE-2019-8853: Jianjun Dai of Qihoo 360 Alpha Lab

CallKit
Available for: macOS Catalina 10.15
Impact: Calls made using Siri may be initiated using the wrong
cellular plan on devices with two active plans
Description: An API issue existed in the handling of outgoing phone
calls initiated with Siri. This issue was addressed with improved
state handling.
CVE-2019-8856: Fabrice TERRANCLE of TERRANCLE SARL

CFNetwork Proxies
Available for: macOS Catalina 10.15
Impact: An application may be able to gain elevated privileges
Description: This issue was addressed with improved checks.
CVE-2019-8848: Zhuo Liang of Qihoo 360 Vulcan Team

CUPS
Available for: macOS Catalina 10.15
Impact: In certain configurations, a remote attacker may be able to
submit arbitrary print jobs
Description: A buffer overflow was addressed with improved bounds
checking.
CVE-2019-8842: Niky1235 of China Mobile

CUPS
Available for: macOS Catalina 10.15
Impact: An attacker in a privileged position may be able to perform a
denial of service attack
Description: A buffer overflow was addressed with improved bounds
checking.
CVE-2019-8839: Stephan Zeisberg of Security Research Labs

FaceTime
Available for: macOS Catalina 10.15
Impact: Processing malicious video via FaceTime may lead to arbitrary
code execution
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2019-8830: Natalie Silvanovich of Google Project Zero

Kernel
Available for: macOS Catalina 10.15
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed by removing the
vulnerable code.
CVE-2019-8833: Ian Beer of Google Project Zero

Kernel
Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS
Catalina 10.15
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8828: Cim Stordal of Cognite
CVE-2019-8838: Dr Silvio Cesare of InfoSect
CVE-2019-8847: Apple
CVE-2019-8852: pattern-f (@pattern_F_) of WaCai

libexpat
Available for: macOS Catalina 10.15
Impact: Parsing a maliciously crafted XML file may lead to disclosure
of user information
Description: This issue was addressed by updating to expat version
2.2.8.
CVE-2019-15903: Joonun Jang

OpenLDAP
Available for: macOS Catalina 10.15
Impact: Multiple issues in OpenLDAP
Description: Multiple issues were addressed by updating to OpenLDAP
version 2.4.28.
CVE-2012-1164
CVE-2012-2668
CVE-2013-4449
CVE-2015-1545
CVE-2019-13057
CVE-2019-13565

Security
Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS
Catalina 10.15
Impact: An application may be able to execute arbitrary code with
system privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-8832: Insu Yun of SSLab at Georgia Tech

tcpdump
Available for: macOS Catalina 10.15
Impact: Multiple issues in tcpdump
Description: Multiple issues were addressed by updating to tcpdump
version 4.9.3 and libpcap version 1.9.1.
CVE-2017-16808
CVE-2018-10103
CVE-2018-10105
CVE-2018-14461
CVE-2018-14462
CVE-2018-14463
CVE-2018-14464
CVE-2018-14465
CVE-2018-14466
CVE-2018-14467
CVE-2018-14468
CVE-2018-14469
CVE-2018-14470
CVE-2018-14879
CVE-2018-14880
CVE-2018-14881
CVE-2018-14882
CVE-2018-16227
CVE-2018-16228
CVE-2018-16229
CVE-2018-16230
CVE-2018-16300
CVE-2018-16301
CVE-2018-16451
CVE-2018-16452
CVE-2019-15161
CVE-2019-15162
CVE-2019-15163
CVE-2019-15164
CVE-2019-15165
CVE-2019-15166
CVE-2019-15167

Additional recognition

Accounts
We would like to acknowledge Kishan Bagaria (KishanBagaria.com) and
Tom Snelling of Loughborough University for their assistance.

Core Data
We would like to acknowledge Natalie Silvanovich of Google Project
Zero for their assistance.

Installation note:

macOS Catalina 10.15.2, Security Update 2019-002 Mojave,
Security Update 2019-007 High Sierra may be obtained
from the Mac App Store or Apple's Software Downloads web site:
https://support.apple.com/downloads/

Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222

--------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================