{"id":59982,"date":"2024-10-30T03:36:05","date_gmt":"2024-10-30T00:36:05","guid":{"rendered":"https:\/\/packetstormsecurity.com\/files\/182364\/APPLE-SA-10-28-2024-5.txt"},"modified":"2024-10-30T03:36:05","modified_gmt":"2024-10-30T00:36:05","slug":"apple-security-advisory-10-28-2024-5","status":"publish","type":"post","link":"https:\/\/afaghhosting.net\/blog\/apple-security-advisory-10-28-2024-5\/","title":{"rendered":"Apple Security Advisory 10-28-2024-5"},"content":{"rendered":"

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA256<\/p>\n

APPLE-SA-10-28-2024-5 macOS Ventura 13.7.1<\/p>\n

macOS Ventura 13.7.1 addresses the following issues.
Information about the security content is also available at
https:\/\/support.apple.com\/121568.<\/p>\n

Apple maintains a Security Releases page at
https:\/\/support.apple.com\/100100 which lists recent
software updates with security advisories.<\/p>\n

App Support
Available for: macOS Ventura
Impact: A malicious app may be able to run arbitrary shortcuts without
user consent
Description: A path handling issue was addressed with improved logic.
CVE-2024-44255: an anonymous researcher<\/p>\n

AppleMobileFileIntegrity
Available for: macOS Ventura
Impact: A sandboxed process may be able to circumvent sandbox
restrictions
Description: A logic issue was addressed with improved validation.
CVE-2024-44270: Mickey Jin (@patch1t)<\/p>\n

AppleMobileFileIntegrity
Available for: macOS Ventura
Impact: An app may be able to modify protected parts of the file system
Description: A downgrade issue affecting Intel-based Mac computers was
addressed with additional code-signing restrictions.
CVE-2024-44280: Mickey Jin (@patch1t)<\/p>\n

ARKit
Available for: macOS Ventura
Impact: Processing a maliciously crafted file may lead to heap
corruption
Description: The issue was addressed with improved checks.
CVE-2024-44126: Holger Fuhrmannek<\/p>\n

Assets
Available for: macOS Ventura
Impact: A malicious app with root privileges may be able to modify the
contents of system files
Description: This issue was addressed by removing the vulnerable code.
CVE-2024-44260: Mickey Jin (@patch1t)<\/p>\n

CoreServicesUIAgent
Available for: macOS Ventura
Impact: An app may be able to modify protected parts of the file system
Description: This issue was addressed with additional entitlement
checks.
CVE-2024-44295: an anonymous researcher<\/p>\n

CoreText
Available for: macOS Ventura
Impact: Processing a maliciously crafted font may result in the
disclosure of process memory
Description: The issue was addressed with improved checks.
CVE-2024-44240: Hossein Lotfi (@hosselot) of Trend Micro Zero Day
Initiative
CVE-2024-44302: Hossein Lotfi (@hosselot) of Trend Micro Zero Day
Initiative<\/p>\n

CUPS
Available for: macOS Ventura
Impact: An attacker in a privileged network position may be able to leak
sensitive user information
Description: An issue existed in the parsing of URLs. This issue was
addressed with improved input validation.
CVE-2024-44213: Alexandre Bedard<\/p>\n

DiskArbitration
Available for: macOS Ventura
Impact: A sandboxed app may be able to access sensitive user data
Description: The issue was addressed with improved checks.
CVE-2024-40855: Csaba Fitzl (@theevilbit) of Kandji<\/p>\n

Find My
Available for: macOS Ventura
Impact: An app may be able to read sensitive location information
Description: A privacy issue was addressed with improved private data
redaction for log entries.
CVE-2024-44289: Kirin (@Pwnrin)<\/p>\n

Foundation
Available for: macOS Ventura
Impact: Parsing a file may lead to disclosure of user information
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2024-44282: Hossein Lotfi (@hosselot) of Trend Micro Zero Day
Initiative<\/p>\n

Game Controllers
Available for: macOS Ventura
Impact: An attacker with physical access can input Game Controller
events to apps running on a locked device
Description: The issue was addressed by restricting options offered on a
locked device.
CVE-2024-44265: Ronny Stiftel<\/p>\n

ImageIO
Available for: macOS Ventura
Impact: Processing an image may result in disclosure of process memory
Description: This issue was addressed with improved checks.
CVE-2024-44215: Junsung Lee working with Trend Micro Zero Day Initiative<\/p>\n

ImageIO
Available for: macOS Ventura
Impact: Processing a maliciously crafted message may lead to a denial-
of-service
Description: The issue was addressed with improved bounds checks.
CVE-2024-44297: Jex Amro<\/p>\n

Installer
Available for: macOS Ventura
Impact: An app may be able to access user-sensitive data
Description: An access issue was addressed with additional sandbox
restrictions.
CVE-2024-44216: Zhongquan Li (@Guluisacat)<\/p>\n

Installer
Available for: macOS Ventura
Impact: A malicious application may be able to modify protected parts of
the file system
Description: The issue was addressed with improved checks.
CVE-2024-44287: Mickey Jin (@patch1t)<\/p>\n

IOGPUFamily
Available for: macOS Ventura
Impact: A malicious app may be able to cause a denial-of-service
Description: The issue was addressed with improved memory handling.
CVE-2024-44197: Wang Yu of Cyberserval<\/p>\n

Kernel
Available for: macOS Ventura
Impact: An app may be able to leak sensitive kernel state
Description: An information disclosure issue was addressed with improved
private data redaction for log entries.
CVE-2024-44239: Mateusz Krzywicki (@krzywix)<\/p>\n

LaunchServices
Available for: macOS Ventura
Impact: An application may be able to break out of its sandbox
Description: A logic issue was addressed with improved checks.
CVE-2024-44122: an anonymous researcher<\/p>\n

Maps
Available for: macOS Ventura
Impact: An app may be able to read sensitive location information
Description: This issue was addressed with improved redaction of
sensitive information.
CVE-2024-44222: Kirin (@Pwnrin)<\/p>\n

Messages
Available for: macOS Ventura
Impact: An app may be able to break out of its sandbox
Description: The issue was addressed with improved input sanitization.
CVE-2024-44256: Mickey Jin (@patch1t)<\/p>\n

PackageKit
Available for: macOS Ventura
Impact: An app may be able to bypass Privacy preferences
Description: A path deletion vulnerability was addressed by preventing
vulnerable code from running with privileges.
CVE-2024-44156: Arsenii Kostromin (0x3c3e)
CVE-2024-44159: Mickey Jin (@patch1t)<\/p>\n

PackageKit
Available for: macOS Ventura
Impact: An app may be able to modify protected parts of the file system
Description: A permissions issue was addressed with additional
restrictions.
CVE-2024-44196: Csaba Fitzl (@theevilbit) of Kandji<\/p>\n

PackageKit
Available for: macOS Ventura
Impact: An app may be able to modify protected parts of the file system
Description: The issue was addressed with improved checks.
CVE-2024-44253: Mickey Jin (@patch1t), Csaba Fitzl (@theevilbit) of
Kandji<\/p>\n

PackageKit
Available for: macOS Ventura
Impact: A malicious application may be able to modify protected parts of
the file system
Description: The issue was addressed with improved checks.
CVE-2024-44247: Un3xploitable of CW Research Inc
CVE-2024-44267: Bohdan Stasiuk (@Bohdan_Stasiuk), Un3xploitable of CW
Research Inc, Pedro T\u00f4rres (@t0rr3sp3dr0)
CVE-2024-44301: Bohdan Stasiuk (@Bohdan_Stasiuk), Un3xploitable of CW
Research Inc, Pedro T\u00f4rres (@t0rr3sp3dr0)
CVE-2024-44275: Arsenii Kostromin (0x3c3e)<\/p>\n

PackageKit
Available for: macOS Ventura
Impact: An attacker with root privileges may be able to delete protected
system files
Description: A path deletion vulnerability was addressed by preventing
vulnerable code from running with privileges.
CVE-2024-44294: Mickey Jin (@patch1t)<\/p>\n

Screen Capture
Available for: macOS Ventura
Impact: An attacker with physical access may be able to share items from
the lock screen
Description: The issue was addressed with improved checks.
CVE-2024-44137: Halle Winkler, Politepix @hallewinkler<\/p>\n

Shortcuts
Available for: macOS Ventura
Impact: An app may be able to access sensitive user data
Description: This issue was addressed with improved redaction of
sensitive information.
CVE-2024-44254: Kirin (@Pwnrin)<\/p>\n

Shortcuts
Available for: macOS Ventura
Impact: A malicious app may use shortcuts to access restricted files
Description: A logic issue was addressed with improved checks.
CVE-2024-44269: an anonymous researcher<\/p>\n

sips
Available for: macOS Ventura
Impact: Processing a maliciously crafted file may lead to unexpected app
termination
Description: An out-of-bounds access issue was addressed with improved
bounds checking.
CVE-2024-44236: Hossein Lotfi (@hosselot) of Trend Micro Zero Day
Initiative
CVE-2024-44237: Hossein Lotfi (@hosselot) of Trend Micro Zero Day
Initiative<\/p>\n

sips
Available for: macOS Ventura
Impact: Parsing a maliciously crafted file may lead to an unexpected app
termination
Description: An out-of-bounds write issue was addressed with improved
input validation.
CVE-2024-44284: Junsung Lee, dw0r! working with Trend Micro Zero Day
Initiative<\/p>\n

sips
Available for: macOS Ventura
Impact: Parsing a file may lead to disclosure of user information
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2024-44279: Hossein Lotfi (@hosselot) of Trend Micro Zero Day
Initiative
CVE-2024-44281: Hossein Lotfi (@hosselot) of Trend Micro Zero Day
Initiative<\/p>\n

sips
Available for: macOS Ventura
Impact: Parsing a maliciously crafted file may lead to an unexpected app
termination
Description: An out-of-bounds read was addressed with improved bounds
checking.
CVE-2024-44283: Hossein Lotfi (@hosselot) of Trend Micro Zero Day
Initiative<\/p>\n

Siri
Available for: macOS Ventura
Impact: A sandboxed app may be able to access sensitive user data in
system logs
Description: An information disclosure issue was addressed with improved
private data redaction for log entries.
CVE-2024-44278: Kirin (@Pwnrin)<\/p>\n

SystemMigration
Available for: macOS Ventura
Impact: A malicious app may be able to create symlinks to protected
regions of the disk
Description: This issue was addressed with improved validation of
symlinks.
CVE-2024-44264: Mickey Jin (@patch1t)<\/p>\n

WindowServer
Available for: macOS Ventura
Impact: An app may be able to access sensitive user data
Description: This issue was addressed with improved redaction of
sensitive information.
CVE-2024-44257: Bohdan Stasiuk (@Bohdan_Stasiuk)<\/p>\n

Additional recognition<\/p>\n

NetworkExtension
We would like to acknowledge Patrick Wardle of DoubleYou & the
Objective-See Foundation for their assistance.<\/p>\n

Security
We would like to acknowledge Bing Shi, Wenchao Li and Xiaolong Bai of
Alibaba Group for their assistance.<\/p>\n

Spotlight
We would like to acknowledge Paulo Henrique Batista Rosa de Castro
(@paulohbrc) for their assistance.<\/p>\n

macOS Ventura 13.7.1 may be obtained from the Mac App Store or
Apple’s Software Downloads web site:
https:\/\/support.apple.com\/downloads\/<\/p>\n

All information is also posted on the Apple Security Releases
web site: https:\/\/support.apple.com\/100100.<\/p>\n

This message is signed with Apple’s Product Security PGP key,
and details are available at:
https:\/\/www.apple.com\/support\/security\/pgp\/<\/p>\n

—–BEGIN PGP SIGNATURE—–<\/p>\n

iQIzBAEBCAAdFiEEsz9altA7uTI+rE\/qX+5d1TXaIvoFAmcgAA8ACgkQX+5d1TXa
IvrXBg\/8DeQSQAigpeRoMRWyyfrezV21cUXKEUCAjoJhrdQmSg37fyGZNPeWsSxQ
gGqvh8sGPaI6iKFpd2hY9a9CyJGnBmH0AwjeU0evvmqclrQaYEuHZosaR1yyiemt
wjTAt9IvtaT0oLJ4ic+pdu4jXgc\/pbzg25bwNbzG7S\/pMFs\/by7yAJt9duOGFkMC
5FuLFdpASL1uZ3Mh3o1tIxexLV+UBv2duTdYhJSKDTvD9GDZ4KLKlcujt1XnF76o
uu7TPx7mh6oZwTk\/1nhZqkIlaJyJPKv7Qf+za6FfEjpw+jU8QNnQQFPIq2wc1qR3
rzsbDubRoTPt0a59Q3z2sbDlRxk3Phuq6o58PJS+FcAEOqCSeChNIDDMoFvSKs7M
MdxFHtyVDhUPyaJMyjnzpOTqxCn2yxbdgg1fgP5PiWeyK963zmpgnSmm\/Rqrtj4Y
Y0ObbeKn4MArTc+7vMSJb\/f2WtsJPn5MufpUPNhXp2OTdXOVEoa+MIO+BDHc+32d
AXnwXLWEec7FnSILyWTd+lApPKy4+ptn1asnDrhz1s3VuGC27mImtxh0kn9JUfFT
kFXX9ct8G2AybkxOLMYmen5fb\/33Ypbb1AJp7n0776d1qpomsIUdSkEJs7\/CAIcb
vWc21lLZdoaYfd7KmL\/9Y\/n0S5AihmqXmsDQKQ4+lrxJmU4xww0=
=cN79
—–END PGP SIGNATURE—–<\/p>\n","protected":false},"excerpt":{"rendered":"

—–BEGIN PGP SIGNED MESSAGE—–Hash: SHA256 APPLE-SA-10-28-2024-5 macOS Ventura 13.7.1 macOS Ventura 13.7.1 addresses the following issues.Information about the security content is also available athttps:\/\/support.apple.com\/121568. Apple maintains a Security Releases page athttps:\/\/support.apple.com\/100100 which lists recentsoftware updates with security advisories. App SupportAvailable for: macOS VenturaImpact: A malicious app may be able to run arbitrary shortcuts withoutuser consentDescription: …<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[26],"tags":[],"class_list":["post-59982","post","type-post","status-publish","format-standard","hentry","category-vulnerability"],"_links":{"self":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/59982","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/comments?post=59982"}],"version-history":[{"count":0,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/59982\/revisions"}],"wp:attachment":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/media?parent=59982"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/categories?post=59982"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/tags?post=59982"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}