Vivid Headlines

APPLE-SA-09-16-2024-1 iOS 18 and iPadOS 18

APPLE-SA-09-16-2024-1 iOS 18 and iPadOS 18

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-09-16-2024-1 iOS 18 and iPadOS 18 iOS 18 and iPadOS 18 addresses the following issues. Information about the security content is also available at https://support.apple.com/121250. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. Accessibility Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later Impact: An attacker with physical access may be able to use Siri to access sensitive user data Description: This issue was addressed through improved state management. CVE-2024-40840: Abhay Kailasia (@abhay_kailasia) of Lakshmi Narain College of Technology Bhopal India Accessibility Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later Impact: An app may be able to enumerate a user's installed apps Description: This issue was addressed with improved data protection. CVE-2024-40830: Chloe Surett Accessibility Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later Impact: An attacker with physical access to a locked device may be able to Control Nearby Devices via accessibility features Description: This issue was addressed through improved state management. CVE-2024-44171: Jake Derouin Accessibility Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later Impact: An attacker may be able to see recent photos without authentication in Assistive Access Description: This issue was addressed by restricting options offered on a locked device. CVE-2024-40852: Abhay Kailasia (@abhay_kailasia) of Lakshmi Narain College of Technology Bhopal India Cellular Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later Impact: A remote attacker may be able to cause a denial-of-service Description: This issue was addressed through improved state management. CVE-2024-27874: Tuan D. Hoang Compression Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later Impact: Unpacking a maliciously crafted archive may allow an attacker to write arbitrary files Description: A race condition was addressed with improved locking. CVE-2024-27876: Snoolie Keffaber (@0xilis) Control Center Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later Impact: An app may be able to record the screen without an indicator Description: The issue was addressed with improved checks. CVE-2024-27869: an anonymous researcher Core Bluetooth Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later Impact: A malicious Bluetooth input device may bypass pairing Description: This issue was addressed through improved state management. CVE-2024-44124: Daniele Antonioli FileProvider Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later Impact: An app may be able to access sensitive user data Description: This issue was addressed with improved validation of symlinks. CVE-2024-44131: @08Tc3wBB of Jamf Game Center Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later Impact: An app may be able to access user-sensitive data Description: A file access issue was addressed with improved input validation. CVE-2024-40850: Denis Tokarev (@illusionofcha0s) ImageIO Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later Impact: Processing a maliciously crafted file may lead to unexpected app termination Description: An out-of-bounds read issue was addressed with improved input validation. CVE-2024-27880: Junsung Lee ImageIO Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later Impact: Processing an image may lead to a denial-of-service Description: An out-of-bounds access issue was addressed with improved bounds checking. CVE-2024-44176: dw0r of ZeroPointer Lab working with Trend Micro Zero Day Initiative and an anonymous researcher IOSurfaceAccelerator Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later Impact: An app may be able to cause unexpected system termination Description: The issue was addressed with improved memory handling. CVE-2024-44169: Antonio Zekić Kernel Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later Impact: Network traffic may leak outside a VPN tunnel Description: A logic issue was addressed with improved checks. CVE-2024-44165: Andrew Lytvynov Kernel Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later Impact: An app may gain unauthorized access to Bluetooth Description: This issue was addressed through improved state management. CVE-2024-44191: Alexander Heinrich, SEEMOO, DistriNet, KU Leuven (@vanhoefm), TU Darmstadt (@Sn0wfreeze) and Mathy Vanhoef libxml2 Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later Impact: Processing maliciously crafted web content may lead to an unexpected process crash Description: An integer overflow was addressed through improved input validation. CVE-2024-44198: OSS-Fuzz, Ned Williamson of Google Project Zero Mail Accounts Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later Impact: An app may be able to access information about a user's contacts Description: A privacy issue was addressed with improved private data redaction for log entries. CVE-2024-40791: Rodolphe BRUNETTI (@eisw0lf) mDNSResponder Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later Impact: An app may be able to cause a denial-of-service Description: A logic error was addressed with improved error handling. CVE-2024-44183: Olivier Levon Model I/O Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later Impact: Processing a maliciously crafted image may lead to a denial-of- service Description: This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org. CVE-2023-5841 NetworkExtension Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later Impact: An app may gain unauthorized access to Local Network Description: This issue was addressed through improved state management. CVE-2024-44147: Alexander Heinrich, SEEMOO, DistriNet, KU Leuven (@vanhoefm), TU Darmstadt (@Sn0wfreeze) and Mathy Vanhoef Notes Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later Impact: An app may be able to overwrite arbitrary files Description: This issue was addressed by removing the vulnerable code. CVE-2024-44167: ajajfxhj Printing Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later Impact: An unencrypted document may be written to a temporary file when using print preview Description: A privacy issue was addressed with improved handling of files. CVE-2024-40826: an anonymous researcher Safari Private Browsing Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later Impact: Private Browsing tabs may be accessed without authentication Description: An authentication issue was addressed with improved state management. CVE-2024-44202: Kenneth Chew Safari Private Browsing Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later Impact: Private Browsing tabs may be accessed without authentication Description: This issue was addressed through improved state management. CVE-2024-44127: Anamika Adhikari Sandbox Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later Impact: An app may be able to leak sensitive user information Description: This issue was addressed with improved data protection. CVE-2024-40863: Csaba Fitzl (@theevilbit) of Offensive Security Siri Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later Impact: An attacker with physical access may be able to access contacts from the lock screen Description: The issue was addressed with improved checks. CVE-2024-44139: Srijan Poudel CVE-2024-44180: Bistrit Dahal Siri Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later Impact: An app may be able to access user-sensitive data Description: A privacy issue was addressed by moving sensitive data to a more secure location. CVE-2024-44170: K宝, LFY (@secsys), Smi1e, yulige, Cristian Dinca (icmd.tech), Rodolphe BRUNETTI (@eisw0lf) Transparency Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later Impact: An app may be able to access user-sensitive data Description: A permissions issue was addressed with additional restrictions. CVE-2024-44184: Bohdan Stasiuk (@Bohdan_Stasiuk) UIKit Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later Impact: An attacker may be able to cause unexpected app termination Description: The issue was addressed with improved bounds checks. CVE-2024-27879: Justin Cohen WebKit Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later Impact: Processing maliciously crafted web content may lead to universal cross site scripting Description: This issue was addressed through improved state management. WebKit Bugzilla: 268724 CVE-2024-40857: Ron Masas WebKit Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later Impact: A malicious website may exfiltrate data cross-origin Description: A cross-origin issue existed with "iframe" elements. This was addressed with improved tracking of security origins. WebKit Bugzilla: 279452 CVE-2024-44187: Narendra Bhati, Manager of Cyber Security at Suma Soft Pvt. Ltd, Pune (India) Wi-Fi Available for: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later Impact: An attacker may be able to force a device to disconnect from a secure network Description: An integrity issue was addressed with Beacon Protection. CVE-2024-40856: Domien Schepers Additional recognition Core Bluetooth We would like to acknowledge Nicholas C. of Onymos Inc. (onymos.com) for their assistance. Foundation We would like to acknowledge Ostorlab for their assistance. Installer We would like to acknowledge Abhay Kailasia (@abhay_kailasia) of Lakshmi Narain College of Technology Bhopal India, Christian Scalese, Ishan Boda, Shane Gallagher, Chi Yuan Chang of ZUSO ART and taikosoup for their assistance. Kernel We would like to acknowledge Braxton Anderson, Deutsche Telekom Security GmbH sponsored by Bundesamt für Sicherheit in der Informationstechnik, Fakhri Zulkifli (@d0lph1n98) of PixiePoint Security for their assistance. Magnifier We would like to acknowledge Andr.Ess for their assistance. Maps We would like to acknowledge Kirin (@Pwnrin) for their assistance. Messages We would like to acknowledge Chi Yuan Chang of ZUSO ART and taikosoup for their assistance. MobileLockdown We would like to acknowledge Andr.Ess for their assistance. Notifications We would like to acknowledge an anonymous researcher for their assistance. Passwords We would like to acknowledge Richard Hyunho Im (@r1cheeta) for their assistance. Photos We would like to acknowledge Abhay Kailasia (@abhay_kailasia) of Lakshmi Narain College of Technology Bhopal India, Harsh Tyagi, Kenneth Chew, Leandro Chaves, Saurabh Kumar from Technocrat Institute of Technology Bhopal, Shibin B Shaji, Vishnu Prasad P G, UST, Yusuf Kelany for their assistance. Safari We would like to acknowledge Hafiizh and YoKo Kho (@yokoacc) of HakTrak, James Lee (@Windowsrcer) for their assistance. Shortcuts We would like to acknowledge Cristian Dinca of "Tudor Vianu" National High School of Computer Science, Romania, Jacob Braun, an anonymous researcher for their assistance. Siri We would like to acknowledge Rohan Paudel for their assistance. Status Bar We would like to acknowledge Abhay Kailasia (@abhay_kailasia) of Lakshmi Narain College of Technology Bhopal India, Jacob Braun for their assistance. TCC We would like to acknowledge Vaibhav Prajapati for their assistance. UIKit We would like to acknowledge Andr.Ess for their assistance. Voice Memos We would like to acknowledge Lisa B for their assistance. WebKit We would like to acknowledge Avi Lumelsky, Uri Katz, (Oligo Security), Johan Carlsson (joaxcar) for their assistance. Wi-Fi We would like to acknowledge Antonio Zekic (@antoniozekic) and ant4g0nist, Tim Michaud (@TimGMichaud) of Moveworks.ai for their assistance. This update is available through iTunes and Software Update on your iOS device, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an Internet connection and have installed the latest version of iTunes from https://www.apple.com/itunes/ iTunes and Software Update on the device will automatically check Apple's update server on its weekly schedule. When an update is detected, it is downloaded and the option to be installed is presented to the user when the iOS device is docked. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iOS device. The automatic update process may take up to a week depending on the day that iTunes or the device checks for updates. You may manually obtain the update via the Check for Updates button within iTunes, or the Software Update on your device. To check that the iPhone, iPod touch, or iPad has been updated: * Navigate to Settings * Select General * Select About. The version after applying this update will be "iOS 18 and iPadOS 18". All information is also posted on the Apple Security Releases web site: https://support.apple.com/100100. This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEsz9altA7uTI+rE/qX+5d1TXaIvoFAmbo0iMACgkQX+5d1TXa IvqwEBAApohhDwWQz1WqFbMBsxXvVILHDWrEdxrU9TJy37BEZvupU1Y/IbCCmj4Z Kh/2Jws6rqjrcYTDg0+3ROUdcQvzFBo0uP4BAxtTgi+YX4YzRm1baNC2t1kF/ZgU tK/YD4ECB56J02a7wPPrKgv4t4oAjS4q1HgRs/lWXREG0izm4ZTK3HSl5YOJoSOe HmbT1AIfjGSYNiiszUc8QP3JWrtI0wRHSZPnFm8pidc9y29s73usH7JHX1/DYc9E a9qnGRHQ8ijUYnu0DIZ89iNqHSdNrCiM13BERDi0Z38A9zraNXK7M4t2xt7tyG53 If89cZuJAlBzjS4NZULWVKttAvsEyxnhKJwTLukeJoU/BneO9I6ZB+hBlWbzVE/D lzmUGLsGtujqAVLLPm3Y33waEBDOGtwYheNoAl4guMHzgUiJAGHmd5wnMM/mpMpI ZZ7+18uWeqMZ8EQ0HXtn2OcjDs/0WU2LdoKoq2irgGxxV4RIwxMOUhH7vBcEadaA N7Hxjh0nG6zVQK+qEnxexQraxRYFckDb3IdFZQdygbBHTOWdINMtgrUPRYIu10DW 8/WhHzOxr3mzJ8cHNYryjmgetZqVZK3TRLahqDiExrv7FOlwLkTf69CSYAIuiRT2 WeJiBZwwDi8znbqaL4WgS25ondXTx/CxoA1oNcZyTobqzhSXZZ8= =np6V -----END PGP SIGNATURE----- _______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: https://seclists.org/fulldisclosure/

Previous articleNext article

POPULAR CATEGORY

entertainment

9371

discovery

4076

multipurpose

9739

athletics

9708