—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA256<\/p>\n
APPLE-SA-06-10-2024-1 visionOS 1.2<\/p>\n
visionOS 1.2 addresses the following issues.
Information about the security content is also available at
https:\/\/support.apple.com\/HT214108.<\/p>\n
Apple maintains a Security Releases page at
https:\/\/support.apple.com\/HT201222 which lists recent
software updates with security advisories.<\/p>\n
CoreMedia
Available for: Apple Vision Pro
Impact: An app may be able to execute arbitrary code with kernel
privileges
Description: The issue was addressed with improved checks.
CVE-2024-27817: pattern-f (@pattern_F_) of Ant Security Light-Year Lab<\/p>\n
CoreMedia
Available for: Apple Vision Pro
Impact: Processing a file may lead to unexpected app termination or
arbitrary code execution
Description: An out-of-bounds write issue was addressed with improved
input validation.
CVE-2024-27831: Amir Bazine and Karsten K\u00f6nig of CrowdStrike Counter
Adversary Operations<\/p>\n
Disk Images
Available for: Apple Vision Pro
Impact: An app may be able to elevate privileges
Description: The issue was addressed with improved checks.
CVE-2024-27832: an anonymous researcher<\/p>\n
Foundation
Available for: Apple Vision Pro
Impact: An app may be able to elevate privileges
Description: The issue was addressed with improved checks.
CVE-2024-27801: CertiK SkyFall Team<\/p>\n
ImageIO
Available for: Apple Vision Pro
Impact: Processing a maliciously crafted image may lead to arbitrary
code execution
Description: The issue was addressed with improved checks.
CVE-2024-27836: Junsung Lee working with Trend Micro Zero Day Initiative<\/p>\n
IOSurface
Available for: Apple Vision Pro
Impact: An app may be able to execute arbitrary code with kernel
privileges
Description: The issue was addressed with improved memory handling.
CVE-2024-27828: Pan ZhenPeng (@Peterpan0927) of STAR Labs SG Pte. Ltd.<\/p>\n
Kernel
Available for: Apple Vision Pro
Impact: An attacker that has already achieved kernel code execution may
be able to bypass kernel memory protections
Description: The issue was addressed with improved memory handling.
CVE-2024-27840: an anonymous researcher<\/p>\n
Kernel
Available for: Apple Vision Pro
Impact: An app may be able to execute arbitrary code with kernel
privileges
Description: An out-of-bounds write issue was addressed with improved
input validation.
CVE-2024-27815: an anonymous researcher, and Joseph Ravichandran
(@0xjprx) of MIT CSAIL<\/p>\n
libiconv
Available for: Apple Vision Pro
Impact: An app may be able to elevate privileges
Description: The issue was addressed with improved checks.
CVE-2024-27811: Nick Wellnhofer<\/p>\n
Messages
Available for: Apple Vision Pro
Impact: Processing a maliciously crafted message may lead to a denial-
of-service
Description: This issue was addressed by removing the vulnerable code.
CVE-2024-27800: Daniel Zajork and Joshua Zajork<\/p>\n
Metal
Available for: Apple Vision Pro
Impact: Processing a maliciously crafted file may lead to unexpected app
termination or arbitrary code execution
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2024-27802: Meysam Firouzi (@R00tkitsmm) working with Trend Micro
Zero Day Initiative<\/p>\n
Metal
Available for: Apple Vision Pro
Impact: A remote attacker may be able to cause unexpected app
termination or arbitrary code execution
Description: An out-of-bounds access issue was addressed with improved
bounds checking.
CVE-2024-27857: Michael DePlante (@izobashi) of Trend Micro Zero Day
Initiative<\/p>\n
Safari
Available for: Apple Vision Pro
Impact: A website’s permission dialog may persist after navigation away
from the site
Description: The issue was addressed with improved checks.
CVE-2024-27844: Narendra Bhati of Suma Soft Pvt. Ltd in Pune (India),
Shaheen Fazim<\/p>\n
WebKit
Available for: Apple Vision Pro
Impact: A maliciously crafted webpage may be able to fingerprint the
user
Description: The issue was addressed by adding additional logic.
WebKit Bugzilla: 262337
CVE-2024-27838: Emilio Cobos of Mozilla<\/p>\n
WebKit
Available for: Apple Vision Pro
Impact: Processing web content may lead to arbitrary code execution
Description: The issue was addressed with improved memory handling.
WebKit Bugzilla: 268221
CVE-2024-27808: Lukas Bernhard of CISPA Helmholtz Center for Information
Security<\/p>\n
WebKit
Available for: Apple Vision Pro
Impact: Processing web content may lead to a denial-of-service
Description: The issue was addressed with improvements to the file
handling protocol.
CVE-2024-27812: Ryan Pickren (ryanpickren.com)<\/p>\n
WebKit
Available for: Apple Vision Pro
Impact: A maliciously crafted webpage may be able to fingerprint the
user
Description: This issue was addressed with improvements to the noise
injection algorithm.
WebKit Bugzilla: 270767
CVE-2024-27850: an anonymous researcher<\/p>\n
WebKit
Available for: Apple Vision Pro
Impact: Processing maliciously crafted web content may lead to arbitrary
code execution
Description: An integer overflow was addressed with improved input
validation.
WebKit Bugzilla: 271491
CVE-2024-27833: Manfred Paul (@_manfp) working with Trend Micro Zero Day
Initiative<\/p>\n
WebKit
Available for: Apple Vision Pro
Impact: Processing maliciously crafted web content may lead to arbitrary
code execution
Description: The issue was addressed with improved bounds checks.
WebKit Bugzilla: 272106
CVE-2024-27851: Nan Wang (@eternalsakura13) of 360 Vulnerability
Research Institute<\/p>\n
WebKit Canvas
Available for: Apple Vision Pro
Impact: A maliciously crafted webpage may be able to fingerprint the
user
Description: This issue was addressed through improved state management.
WebKit Bugzilla: 271159
CVE-2024-27830: Joe Rutkowski (@Joe12387) of Crawless and @abrahamjuliot<\/p>\n
WebKit Web Inspector
Available for: Apple Vision Pro
Impact: Processing web content may lead to arbitrary code execution
Description: The issue was addressed with improved memory handling.
WebKit Bugzilla: 270139
CVE-2024-27820: Jeff Johnson of underpassapp.com<\/p>\n
Additional recognition<\/p>\n
ImageIO
We would like to acknowledge an anonymous researcher for their
assistance.<\/p>\n
Transparency
We would like to acknowledge Mickey Jin (@patch1t) for their assistance.<\/p>\n
Instructions on how to update visionOS are available at
https:\/\/support.apple.com\/HT214009 To check the software version
on your Apple Vision Pro, open the Settings app and choose General >
About.
All information is also posted on the Apple Security Releases
web site: https:\/\/support.apple.com\/HT201222.<\/p>\n
This message is signed with Apple’s Product Security PGP key,
and details are available at:
https:\/\/www.apple.com\/support\/security\/pgp\/
—–BEGIN PGP SIGNATURE—–<\/p>\n
iQIzBAEBCAAdFiEEsz9altA7uTI+rE\/qX+5d1TXaIvoFAmZnfN8ACgkQX+5d1TXa
IvoomBAA23557a2KB9vrRnWu5nGWe5qidODwqadX9qUbErqlx6Hm0IMcKEGlaNjc
i1BKib0QXYgh9IVzwn0\/Q6GZX9mncM1EKJfjPVHJjdMPAXue9Dec7PeuSr4mQHUD
bVUh9TS+ejQo9w06AQRdVDOGRl3uXX1E90h4uMVUPOXLkiobYJMlEdU4OAAaJ2MV
qJvfQsTyzRNy4ciaFpc+5opWmaFse1AueE+Sjz30ed9tEjbyHML+yoy39HqAMheT
lECfaKGLp28XyxsKCKW8+F5j83R4Rwi7U0nLROiRSukrwzq+Gbi52n\/BTBvlxTc3
Ng\/4drldksgm9Uu6M9rRQFSRFBFKulK9Zxrj3qUK4Q6HvCTB+N4\/gE7Yf11TyxPl
+HkwG\/ScIw9S4bB88FhA8rYMKIGIlZfDfh8NHCx3Wc11LE+p6LzX2RxQNKaSjgnf
c1+VHJ3SwX\/2mbtBdfPJdu5Qr6ofhanpsCiczJP2FkuSVGCPVIoq8Vam75rrueLn
SLCHqgVker14Z12Q3XYRjyQrsI8nftu0pGZdYruAfw93Od0tTuX6i7G9VopHPRor
1Y6JevWkhAC54KGWDmB2SRc6e3AZRaiAE25QE6I3nwAwRUCo2JZEjoQWfxYry1l2
G5lga3qFvcbyriNoJPUfcKU7EzPYurVbY5rqpnUFi+xTtz1iyEw=
=9AfP
—–END PGP SIGNATURE—–<\/p>\n","protected":false},"excerpt":{"rendered":"
—–BEGIN PGP SIGNED MESSAGE—–Hash: SHA256 APPLE-SA-06-10-2024-1 visionOS 1.2 visionOS 1.2 addresses the following issues.Information about the security content is also available athttps:\/\/support.apple.com\/HT214108. Apple maintains a Security Releases page athttps:\/\/support.apple.com\/HT201222 which lists recentsoftware updates with security advisories. CoreMediaAvailable for: Apple Vision ProImpact: An app may be able to execute arbitrary code with kernelprivilegesDescription: The issue was …<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[26],"tags":[],"class_list":["post-57438","post","type-post","status-publish","format-standard","hentry","category-vulnerability"],"_links":{"self":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/57438","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/comments?post=57438"}],"version-history":[{"count":0,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/57438\/revisions"}],"wp:attachment":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/media?parent=57438"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/categories?post=57438"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/tags?post=57438"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}