{"id":59755,"date":"2024-09-17T19:21:14","date_gmt":"2024-09-17T16:21:14","guid":{"rendered":"https:\/\/packetstormsecurity.com\/files\/181583\/APPLE-SA-09-16-2024-9.txt"},"modified":"2024-09-17T19:21:14","modified_gmt":"2024-09-17T16:21:14","slug":"apple-security-advisory-09-16-2024-9","status":"publish","type":"post","link":"https:\/\/afaghhosting.net\/blog\/apple-security-advisory-09-16-2024-9\/","title":{"rendered":"Apple Security Advisory 09-16-2024-9"},"content":{"rendered":"

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA256<\/p>\n

APPLE-SA-09-16-2024-9 macOS Sonoma 14.7<\/p>\n

macOS Sonoma 14.7 addresses the following issues.
Information about the security content is also available at
https:\/\/support.apple.com\/121247.<\/p>\n

Apple maintains a Security Releases page at
https:\/\/support.apple.com\/100100 which lists recent
software updates with security advisories.<\/p>\n

Accounts
Available for: macOS Sonoma
Impact: An app may be able to access user-sensitive data
Description: The issue was addressed with improved permissions logic.
CVE-2024-44153: Mickey Jin (@patch1t)<\/p>\n

App Intents
Available for: macOS Sonoma
Impact: An app may be able to access sensitive data logged when a
shortcut fails to launch another app
Description: This issue was addressed with improved redaction of
sensitive information.
CVE-2024-44182: Kirin (@Pwnrin)<\/p>\n

AppleGraphicsControl
Available for: macOS Sonoma
Impact: Processing a maliciously crafted video file may lead to
unexpected app termination
Description: The issue was addressed with improved memory handling.
CVE-2024-40846: Michael DePlante (@izobashi) of Trend Micro Zero Day
Initiative
CVE-2024-40845: Pwn2car working with Trend Micro Zero Day Initiative<\/p>\n

AppleGraphicsControl
Available for: macOS Sonoma
Impact: Processing a maliciously crafted file may lead to unexpected app
termination
Description: A memory initialization issue was addressed with improved
memory handling.
CVE-2024-44154: Michael DePlante (@izobashi) of Trend Micro Zero Day
Initiative<\/p>\n

AppleMobileFileIntegrity
Available for: macOS Sonoma
Impact: An app may be able to access sensitive user data
Description: The issue was addressed with additional code-signing
restrictions.
CVE-2024-40847: Mickey Jin (@patch1t)<\/p>\n

AppleMobileFileIntegrity
Available for: macOS Sonoma
Impact: An app may be able to bypass Privacy preferences
Description: This issue was addressed with improved checks.
CVE-2024-44164: Mickey Jin (@patch1t)<\/p>\n

AppleMobileFileIntegrity
Available for: macOS Sonoma
Impact: An app may be able to modify protected parts of the file system
Description: A library injection issue was addressed with additional
restrictions.
CVE-2024-44168: Claudio Bozzato and Francesco Benvenuto of Cisco Talos<\/p>\n

AppleMobileFileIntegrity
Available for: macOS Sonoma
Impact: An attacker may be able to read sensitive information
Description: A downgrade issue was addressed with additional code-
signing restrictions.
CVE-2024-40848: Mickey Jin (@patch1t)<\/p>\n

AppleVA
Available for: macOS Sonoma
Impact: Processing a maliciously crafted video file may lead to
unexpected app termination
Description: An out-of-bounds write issue was addressed with improved
bounds checking.
CVE-2024-40841: Michael DePlante (@izobashi) of Trend Micro Zero Day
Initiative<\/p>\n

AppSandbox
Available for: macOS Sonoma
Impact: An app may be able to access protected files within an App
Sandbox container
Description: A permissions issue was addressed with additional
restrictions.
CVE-2024-44135: Mickey Jin (@patch1t)<\/p>\n

Automator
Available for: macOS Sonoma
Impact: An Automator Quick Action workflow may be able to bypass
Gatekeeper
Description: This issue was addressed by adding an additional prompt for
user consent.
CVE-2024-44128: Anton Boegler<\/p>\n

bless
Available for: macOS Sonoma
Impact: An app may be able to modify protected parts of the file system
Description: A permissions issue was addressed with additional
restrictions.
CVE-2024-44151: Mickey Jin (@patch1t)<\/p>\n

Compression
Available for: macOS Sonoma
Impact: Unpacking a maliciously crafted archive may allow an attacker to
write arbitrary files
Description: A race condition was addressed with improved locking.
CVE-2024-27876: Snoolie Keffaber (@0xilis)<\/p>\n

Dock
Available for: macOS Sonoma
Impact: An app may be able to access user-sensitive data
Description: A privacy issue was addressed by removing sensitive data.
CVE-2024-44177: an anonymous researcher<\/p>\n

Game Center
Available for: macOS Sonoma
Impact: An app may be able to access user-sensitive data
Description: A file access issue was addressed with improved input
validation.
CVE-2024-40850: Denis Tokarev (@illusionofcha0s)<\/p>\n

ImageIO
Available for: macOS Sonoma
Impact: Processing a maliciously crafted file may lead to unexpected app
termination
Description: An out-of-bounds read issue was addressed with improved
input validation.
CVE-2024-27880: Junsung Lee<\/p>\n

ImageIO
Available for: macOS Sonoma
Impact: Processing an image may lead to a denial-of-service
Description: An out-of-bounds access issue was addressed with improved
bounds checking.
CVE-2024-44176: dw0r of ZeroPointer Lab working with Trend Micro Zero
Day Initiative, an anonymous researcher<\/p>\n

Intel Graphics Driver
Available for: macOS Sonoma
Impact: Processing a maliciously crafted texture may lead to unexpected
app termination
Description: A buffer overflow issue was addressed with improved memory
handling.
CVE-2024-44160: Michael DePlante (@izobashi) of Trend Micro Zero Day
Initiative<\/p>\n

Intel Graphics Driver
Available for: macOS Sonoma
Impact: Processing a maliciously crafted texture may lead to unexpected
app termination
Description: An out-of-bounds read was addressed with improved bounds
checking.
CVE-2024-44161: Michael DePlante (@izobashi) of Trend Micro Zero Day
Initiative<\/p>\n

IOSurfaceAccelerator
Available for: macOS Sonoma
Impact: An app may be able to cause unexpected system termination
Description: The issue was addressed with improved memory handling.
CVE-2024-44169: Antonio Zeki\u0107<\/p>\n

Kernel
Available for: macOS Sonoma
Impact: Network traffic may leak outside a VPN tunnel
Description: A logic issue was addressed with improved checks.
CVE-2024-44165: Andrew Lytvynov<\/p>\n

Mail Accounts
Available for: macOS Sonoma
Impact: An app may be able to access information about a user’s contacts
Description: A privacy issue was addressed with improved private data
redaction for log entries.
CVE-2024-40791: Rodolphe BRUNETTI (@eisw0lf)<\/p>\n

Maps
Available for: macOS Sonoma
Impact: An app may be able to read sensitive location information
Description: An issue was addressed with improved handling of temporary
files.
CVE-2024-44181: Kirin(@Pwnrin) and LFY(@secsys) from Fudan University<\/p>\n

mDNSResponder
Available for: macOS Sonoma
Impact: An app may be able to cause a denial-of-service
Description: A logic error was addressed with improved error handling.
CVE-2024-44183: Olivier Levon<\/p>\n

Notes
Available for: macOS Sonoma
Impact: An app may be able to overwrite arbitrary files
Description: This issue was addressed by removing the vulnerable code.
CVE-2024-44167: ajajfxhj<\/p>\n

PackageKit
Available for: macOS Sonoma
Impact: An app may be able to modify protected parts of the file system
Description: This issue was addressed with improved validation of
symlinks.
CVE-2024-44178: Mickey Jin (@patch1t)<\/p>\n

Safari
Available for: macOS Sonoma
Impact: Visiting a malicious website may lead to user interface spoofing
Description: This issue was addressed through improved state management.
CVE-2024-40797: Rifa’i Rejal Maynando<\/p>\n

Sandbox
Available for: macOS Sonoma
Impact: A malicious application may be able to access private
information
Description: The issue was addressed with improved checks.
CVE-2024-44163: Zhongquan Li (@Guluisacat)<\/p>\n

Sandbox
Available for: macOS Sonoma
Impact: A malicious application may be able to leak sensitive user
information
Description: The issue was addressed with improved checks.
CVE-2024-44125: Zhongquan Li (@Guluisacat)<\/p>\n

Security Initialization
Available for: macOS Sonoma
Impact: An app may be able to access protected user data
Description: A permissions issue was addressed with additional
restrictions.
CVE-2024-40801: Zhongquan Li (@Guluisacat), Pedro Jos\u00e9 Pereira Vieito
(@pvieito), an anonymous researcher<\/p>\n

Shortcuts
Available for: macOS Sonoma
Impact: A shortcut may output sensitive user data without consent
Description: This issue was addressed with improved redaction of
sensitive information.
CVE-2024-44158: Kirin (@Pwnrin)<\/p>\n

Shortcuts
Available for: macOS Sonoma
Impact: An app may be able to observe data displayed to the user by
Shortcuts
Description: A privacy issue was addressed with improved handling of
temporary files.
CVE-2024-40844: Kirin (@Pwnrin) and luckyu (@uuulucky) of NorthSea<\/p>\n

sudo
Available for: macOS Sonoma
Impact: An app may be able to modify protected parts of the file system
Description: A logic issue was addressed with improved checks.
CVE-2024-40860: Arsenii Kostromin (0x3c3e)<\/p>\n

System Settings
Available for: macOS Sonoma
Impact: An app may be able to access user-sensitive data
Description: A privacy issue was addressed with improved private data
redaction for log entries.
CVE-2024-44166: Kirin (@Pwnrin) and LFY (@secsys) from Fudan University<\/p>\n

System Settings
Available for: macOS Sonoma
Impact: An app may be able to read arbitrary files
Description: A path handling issue was addressed with improved
validation.
CVE-2024-44190: Rodolphe BRUNETTI (@eisw0lf)<\/p>\n

Transparency
Available for: macOS Sonoma
Impact: An app may be able to access user-sensitive data
Description: A permissions issue was addressed with additional
restrictions.
CVE-2024-44184: Bohdan Stasiuk (@Bohdan_Stasiuk)<\/p>\n

Additional recognition<\/p>\n

Airport
We would like to acknowledge David Dudok de Wit for their assistance.<\/p>\n

macOS Sonoma 14.7 may be obtained from the Mac App Store or Apple’s
Software Downloads web site: https:\/\/support.apple.com\/downloads\/<\/p>\n

All information is also posted on the Apple Security Releases
web site: https:\/\/support.apple.com\/100100.<\/p>\n

This message is signed with Apple’s Product Security PGP key,
and details are available at:
https:\/\/www.apple.com\/support\/security\/pgp\/
—–BEGIN PGP SIGNATURE—–<\/p>\n

iQIzBAEBCAAdFiEEsz9altA7uTI+rE\/qX+5d1TXaIvoFAmboywEACgkQX+5d1TXa
IvrDjxAA2tgRLOOTvFpZrVW\/HEBxwCFUn7UkzXyfgUTuqntjSvmsc\/pyVmPDpnOM
UnLhZ4d3B6v44MSelhxSbomtGkggQfYAvcNmlPDk+yMMS0K5yRBJ3dobEt4e53Wj
9DQl2cQfHxop3uaLRFRTRy5Wk46xIZcsPS3Obb0kLAZpnzD1K2UQ5tIgEVF2ETqi
SaRlrjqsgiauG\/qZ8pzJjQSB1\/iNBJCf4TBMBmHHJ91zAVOiYxvVcIAcBl1cBK4m
UU6Z0vF1NmNCTAu\/8KPP0Y6AD5tM7ZrkotU1yTP8uey4r3Ec8XrZqzhTH05sMI5V
Xt98UeRNl2EJQAJR2Wjfsa2u255SvJ9VJpOGpTff9npsP5c6a7fup2mcKSVmCJHG
FxFoU9WC2Lx2fsb7kBZXx5y4+\/lwKBh8gQBkqOB4vttUZIYwp\/rwXJtBvwkSb3E+
2MTYly0SAAAbwrGoImKsskbiOxB+Ebry2cZ4Rg8rKKwQIfpjpgCb2U97Ue1zCU\/S
lHCObpyD0HtDD13zYw3NXfbrcWS195WhLdgtVl9XJz90pQQwdcINzubGhILmabpl
Q+QXoSuKNi0ooy9qO8yEmQdzF0swD\/FZMqTmF6FFtFby4NpY6ooapHHyhJOGeqSn
\/Poj2T\/Ay\/xaX7VL2fUPU9n0KTNtp+HgvgpzMX31HpBNXo\/96Eo=
=YUrh
—–END PGP SIGNATURE—–<\/p>\n","protected":false},"excerpt":{"rendered":"

—–BEGIN PGP SIGNED MESSAGE—–Hash: SHA256 APPLE-SA-09-16-2024-9 macOS Sonoma 14.7 macOS Sonoma 14.7 addresses the following issues.Information about the security content is also available athttps:\/\/support.apple.com\/121247. Apple maintains a Security Releases page athttps:\/\/support.apple.com\/100100 which lists recentsoftware updates with security advisories. AccountsAvailable for: macOS SonomaImpact: An app may be able to access user-sensitive dataDescription: The issue was addressed …<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[26],"tags":[],"class_list":["post-59755","post","type-post","status-publish","format-standard","hentry","category-vulnerability"],"_links":{"self":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/59755","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/comments?post=59755"}],"version-history":[{"count":0,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/59755\/revisions"}],"wp:attachment":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/media?parent=59755"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/categories?post=59755"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/tags?post=59755"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}