—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA256<\/p>\n
APPLE-SA-10-28-2024-4 macOS Sonoma 14.7.1<\/p>\n
macOS Sonoma 14.7.1 addresses the following issues.
Information about the security content is also available at
https:\/\/support.apple.com\/121570.<\/p>\n
Apple maintains a Security Releases page at
https:\/\/support.apple.com\/100100 which lists recent
software updates with security advisories.<\/p>\n
App Support
Available for: macOS Sonoma
Impact: A malicious app may be able to run arbitrary shortcuts without
user consent
Description: A path handling issue was addressed with improved logic.
CVE-2024-44255: an anonymous researcher<\/p>\n
AppleMobileFileIntegrity
Available for: macOS Sonoma
Impact: A sandboxed process may be able to circumvent sandbox
restrictions
Description: A logic issue was addressed with improved validation.
CVE-2024-44270: Mickey Jin (@patch1t)<\/p>\n
AppleMobileFileIntegrity
Available for: macOS Sonoma
Impact: An app may be able to modify protected parts of the file system
Description: A downgrade issue affecting Intel-based Mac computers was
addressed with additional code-signing restrictions.
CVE-2024-44280: Mickey Jin (@patch1t)<\/p>\n
Assets
Available for: macOS Sonoma
Impact: A malicious app with root privileges may be able to modify the
contents of system files
Description: This issue was addressed by removing the vulnerable code.
CVE-2024-44260: Mickey Jin (@patch1t)<\/p>\n
CoreMedia Playback
Available for: macOS Sonoma
Impact: A malicious app may be able to access private information
Description: This issue was addressed with improved handling of
symlinks.
CVE-2024-44273: pattern-f (@pattern_F_), Hikerell of Loadshine Lab<\/p>\n
CoreServicesUIAgent
Available for: macOS Sonoma
Impact: An app may be able to modify protected parts of the file system
Description: This issue was addressed with additional entitlement
checks.
CVE-2024-44295: an anonymous researcher<\/p>\n
CoreText
Available for: macOS Sonoma
Impact: Processing a maliciously crafted font may result in the
disclosure of process memory
Description: The issue was addressed with improved checks.
CVE-2024-44240: Hossein Lotfi (@hosselot) of Trend Micro Zero Day
Initiative
CVE-2024-44302: Hossein Lotfi (@hosselot) of Trend Micro Zero Day
Initiative<\/p>\n
CUPS
Available for: macOS Sonoma
Impact: An attacker in a privileged network position may be able to leak
sensitive user information
Description: An issue existed in the parsing of URLs. This issue was
addressed with improved input validation.
CVE-2024-44213: Alexandre Bedard<\/p>\n
DiskArbitration
Available for: macOS Sonoma
Impact: A sandboxed app may be able to access sensitive user data
Description: The issue was addressed with improved checks.
CVE-2024-40855: Csaba Fitzl (@theevilbit) of Kandji<\/p>\n
Find My
Available for: macOS Sonoma
Impact: An app may be able to read sensitive location information
Description: A privacy issue was addressed with improved private data
redaction for log entries.
CVE-2024-44289: Kirin (@Pwnrin)<\/p>\n
Foundation
Available for: macOS Sonoma
Impact: Parsing a file may lead to disclosure of user information
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2024-44282: Hossein Lotfi (@hosselot) of Trend Micro Zero Day
Initiative<\/p>\n
Game Controllers
Available for: macOS Sonoma
Impact: An attacker with physical access can input Game Controller
events to apps running on a locked device
Description: The issue was addressed by restricting options offered on a
locked device.
CVE-2024-44265: Ronny Stiftel<\/p>\n
ImageIO
Available for: macOS Sonoma
Impact: Processing an image may result in disclosure of process memory
Description: This issue was addressed with improved checks.
CVE-2024-44215: Junsung Lee working with Trend Micro Zero Day Initiative<\/p>\n
ImageIO
Available for: macOS Sonoma
Impact: Processing a maliciously crafted message may lead to a denial-
of-service
Description: The issue was addressed with improved bounds checks.
CVE-2024-44297: Jex Amro<\/p>\n
Installer
Available for: macOS Sonoma
Impact: An app may be able to access user-sensitive data
Description: An access issue was addressed with additional sandbox
restrictions.
CVE-2024-44216: Zhongquan Li (@Guluisacat)<\/p>\n
Installer
Available for: macOS Sonoma
Impact: A malicious application may be able to modify protected parts of
the file system
Description: The issue was addressed with improved checks.
CVE-2024-44287: Mickey Jin (@patch1t)<\/p>\n
IOGPUFamily
Available for: macOS Sonoma
Impact: A malicious app may be able to cause a denial-of-service
Description: The issue was addressed with improved memory handling.
CVE-2024-44197: Wang Yu of Cyberserval<\/p>\n
Kernel
Available for: macOS Sonoma
Impact: An app may be able to leak sensitive kernel state
Description: An information disclosure issue was addressed with improved
private data redaction for log entries.
CVE-2024-44239: Mateusz Krzywicki (@krzywix)<\/p>\n
Kernel
Available for: macOS Sonoma
Impact: An app may be able to access sensitive user data
Description: This issue was addressed with improved validation of
symlinks.
CVE-2024-44175: Csaba Fitzl (@theevilbit) of Kandji<\/p>\n
LaunchServices
Available for: macOS Sonoma
Impact: An application may be able to break out of its sandbox
Description: A logic issue was addressed with improved checks.
CVE-2024-44122: an anonymous researcher<\/p>\n
Maps
Available for: macOS Sonoma
Impact: An app may be able to read sensitive location information
Description: This issue was addressed with improved redaction of
sensitive information.
CVE-2024-44222: Kirin (@Pwnrin)<\/p>\n
Messages
Available for: macOS Sonoma
Impact: An app may be able to break out of its sandbox
Description: The issue was addressed with improved input sanitization.
CVE-2024-44256: Mickey Jin (@patch1t)<\/p>\n
PackageKit
Available for: macOS Sonoma
Impact: An app may be able to bypass Privacy preferences
Description: A path deletion vulnerability was addressed by preventing
vulnerable code from running with privileges.
CVE-2024-44159: Mickey Jin (@patch1t)
CVE-2024-44156: Arsenii Kostromin (0x3c3e)<\/p>\n
PackageKit
Available for: macOS Sonoma
Impact: An app may be able to modify protected parts of the file system
Description: A permissions issue was addressed with additional
restrictions.
CVE-2024-44196: Csaba Fitzl (@theevilbit) of Kandji<\/p>\n
PackageKit
Available for: macOS Sonoma
Impact: An app may be able to modify protected parts of the file system
Description: The issue was addressed with improved checks.
CVE-2024-44253: Mickey Jin (@patch1t), Csaba Fitzl (@theevilbit) of
Kandji<\/p>\n
PackageKit
Available for: macOS Sonoma
Impact: A malicious application may be able to modify protected parts of
the file system
Description: The issue was addressed with improved checks.
CVE-2024-44247: Un3xploitable of CW Research Inc
CVE-2024-44267: Bohdan Stasiuk (@Bohdan_Stasiuk), Un3xploitable of CW
Research Inc, Pedro T\u00f4rres (@t0rr3sp3dr0)
CVE-2024-44301: Bohdan Stasiuk (@Bohdan_Stasiuk), Un3xploitable of CW
Research Inc, Pedro T\u00f4rres (@t0rr3sp3dr0)
CVE-2024-44275: Arsenii Kostromin (0x3c3e)<\/p>\n
PackageKit
Available for: macOS Sonoma
Impact: An attacker with root privileges may be able to delete protected
system files
Description: A path deletion vulnerability was addressed by preventing
vulnerable code from running with privileges.
CVE-2024-44294: Mickey Jin (@patch1t)<\/p>\n
SceneKit
Available for: macOS Sonoma
Impact: Processing a maliciously crafted file may lead to unexpected app
termination
Description: A buffer overflow was addressed with improved size
validation.
CVE-2024-44144: \ub0e5\ub0e5<\/p>\n
SceneKit
Available for: macOS Sonoma
Impact: Processing a maliciously crafted file may lead to heap
corruption
Description: This issue was addressed with improved checks.
CVE-2024-44218: Michael DePlante (@izobashi) of Trend Micro Zero Day
Initiative<\/p>\n
Screen Capture
Available for: macOS Sonoma
Impact: An attacker with physical access may be able to share items from
the lock screen
Description: The issue was addressed with improved checks.
CVE-2024-44137: Halle Winkler, Politepix @hallewinkler<\/p>\n
Shortcuts
Available for: macOS Sonoma
Impact: An app may be able to access sensitive user data
Description: This issue was addressed with improved redaction of
sensitive information.
CVE-2024-44254: Kirin (@Pwnrin)<\/p>\n
Shortcuts
Available for: macOS Sonoma
Impact: A malicious app may use shortcuts to access restricted files
Description: A logic issue was addressed with improved checks.
CVE-2024-44269: an anonymous researcher<\/p>\n
sips
Available for: macOS Sonoma
Impact: Processing a maliciously crafted file may lead to unexpected app
termination
Description: An out-of-bounds access issue was addressed with improved
bounds checking.
CVE-2024-44236: Hossein Lotfi (@hosselot) of Trend Micro Zero Day
Initiative
CVE-2024-44237: Hossein Lotfi (@hosselot) of Trend Micro Zero Day
Initiative<\/p>\n
sips
Available for: macOS Sonoma
Impact: Parsing a maliciously crafted file may lead to an unexpected app
termination
Description: An out-of-bounds write issue was addressed with improved
input validation.
CVE-2024-44284: Junsung Lee, dw0r! working with Trend Micro Zero Day
Initiative<\/p>\n
sips
Available for: macOS Sonoma
Impact: Parsing a file may lead to disclosure of user information
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2024-44279: Hossein Lotfi (@hosselot) of Trend Micro Zero Day
Initiative
CVE-2024-44281: Hossein Lotfi (@hosselot) of Trend Micro Zero Day
Initiative<\/p>\n
sips
Available for: macOS Sonoma
Impact: Parsing a maliciously crafted file may lead to an unexpected app
termination
Description: An out-of-bounds read was addressed with improved bounds
checking.
CVE-2024-44283: Hossein Lotfi (@hosselot) of Trend Micro Zero Day
Initiative<\/p>\n
Siri
Available for: macOS Sonoma
Impact: A sandboxed app may be able to access sensitive user data in
system logs
Description: An information disclosure issue was addressed with improved
private data redaction for log entries.
CVE-2024-44278: Kirin (@Pwnrin)<\/p>\n
SystemMigration
Available for: macOS Sonoma
Impact: A malicious app may be able to create symlinks to protected
regions of the disk
Description: This issue was addressed with improved validation of
symlinks.
CVE-2024-44264: Mickey Jin (@patch1t)<\/p>\n
WindowServer
Available for: macOS Sonoma
Impact: An app may be able to access sensitive user data
Description: This issue was addressed with improved redaction of
sensitive information.
CVE-2024-44257: Bohdan Stasiuk (@Bohdan_Stasiuk)<\/p>\n
Additional recognition<\/p>\n
NetworkExtension
We would like to acknowledge Patrick Wardle of DoubleYou & the
Objective-See Foundation for their assistance.<\/p>\n
Security
We would like to acknowledge Bing Shi, Wenchao Li and Xiaolong Bai of
Alibaba Group for their assistance.<\/p>\n
Spotlight
We would like to acknowledge Paulo Henrique Batista Rosa de Castro
(@paulohbrc) for their assistance.<\/p>\n
macOS Sonoma 14.7.1 may be obtained from the Mac App Store or Apple’s
Software Downloads web site: https:\/\/support.apple.com\/downloads\/<\/p>\n
All information is also posted on the Apple Security Releases
web site: https:\/\/support.apple.com\/100100.<\/p>\n
This message is signed with Apple’s Product Security PGP key,
and details are available at:
https:\/\/www.apple.com\/support\/security\/pgp\/<\/p>\n
—–BEGIN PGP SIGNATURE—–<\/p>\n
iQIzBAEBCAAdFiEEsz9altA7uTI+rE\/qX+5d1TXaIvoFAmcf\/9kACgkQX+5d1TXa
IvrUURAAwGoAU3ccWvDjKZw0r1ouPDWXvLoCzcHx1nQm18Usoo+GOevgBlJflGAz
i7H8nUldqtFy3YW\/Ttr0\/B0ILhPZf\/OzVmE4XqwjqNKXI5a7EvC9A9aLUjjcqNV9
JY6We0EDT+zlOfKaG1SrKhSA7Iqm7sJ6euWotsf3SaJPtVdhabi6rQzi1G5aihsq
B7w+2uLYg5ctywkwbm8Rl3XmorMIwrTrOokYhx+rZMaZwQGnB8UNrVksdaqaBQHU
ak1t71gonnGcJxhy9ceK85xk+WwlCItpUGIvWvuvLBX\/MxMZzdwIzoIP2SGNh8nV
SYYmpbdM2fpAbX0gZQBU3zPPZIoi2pyCV37sV2VIgTtjPLVYBrB2XJXPnIU8pmHA
Abrv7gE6oRY1gJHks1w3iaw8cBMhDVvFd9hr9qfCHikbKsFHfan4oYAQK4SHvxFB
N9rRrgzGcpDP6l0WT+ae\/LmLJHjJpzbu2XuNS2s6h9ohRFwyKXJ70dQku4w\/YQIV
4dciPFkiwNpd3bQpak82bPaIko\/ihLT66y6pyi+SfYDfEBgEH45VvuxhZT9+u9z0
+mxRIc+sPCD4avvt5bU\/7q\/wDIs0dAW6fjeFo8+KiM9JRPwNbTW+VPpr6QWH6JIy
BpAEQH9m0WtlqVFurN4oQWOLnO+dUYKSPYS+QZufDfsLGpO+YtY=
=LeMo
—–END PGP SIGNATURE—–<\/p>\n","protected":false},"excerpt":{"rendered":"
—–BEGIN PGP SIGNED MESSAGE—–Hash: SHA256 APPLE-SA-10-28-2024-4 macOS Sonoma 14.7.1 macOS Sonoma 14.7.1 addresses the following issues.Information about the security content is also available athttps:\/\/support.apple.com\/121570. Apple maintains a Security Releases page athttps:\/\/support.apple.com\/100100 which lists recentsoftware updates with security advisories. App SupportAvailable for: macOS SonomaImpact: A malicious app may be able to run arbitrary shortcuts withoutuser consentDescription: …<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[26],"tags":[],"class_list":["post-59983","post","type-post","status-publish","format-standard","hentry","category-vulnerability"],"_links":{"self":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/59983","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/comments?post=59983"}],"version-history":[{"count":0,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/59983\/revisions"}],"wp:attachment":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/media?parent=59983"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/categories?post=59983"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/tags?post=59983"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}