<!--X-Body-Begin-->
<!--X-User-Header-->
<a href="/fulldisclosure/"><img src="/images/fulldisclosure-logo.png" class="l-logo right" alt="fulldisclosure logo" width="80"></a>
<h2 class="m-list"><a href="/fulldisclosure/">Full Disclosure</a>
mailing list archives</h2>
<!--X-User-Header-End-->
<!--X-TopPNI-->
<div class="nav-bar">
<div class="nav-link">
<a href="22"><img src="/images/left-icon-16x16.png" alt="Previous" width="16" height="16"></a>
<a href="date.html#23">By Date</a>
<a href="24"><img src="/images/right-icon-16x16.png" alt="Next" width="16" height="16"></a>
</div>
<div class="nav-link">
<a href="22"><img src="/images/left-icon-16x16.png" alt="Previous" width="16" height="16"></a>
<a href="index.html#23">By Thread</a>
<a href="24"><img src="/images/right-icon-16x16.png" alt="Next" width="16" height="16"></a>
</div>
<form class="nst-search center" action="/search/fulldisclosure">
<input class="nst-search-q" name="q" type="search" placeholder="List Archive Search">
<button class="nst-search-button" title="Search">
<img style="width:100%;aspect-ratio:1/1;" alt="" aria-hidden="true" src="/shared/images/nst-icons.svg#search">
</button>
</form>
</div>
<!--X-TopPNI-End-->
<!--X-MsgBody-->
<!--X-Subject-Header-Begin-->
<h1 class="m-title">APPLE-SA-03-07-2024-4 macOS Monterey 12.7.4</h1>
<hr>
<!--X-Subject-Header-End-->
<!--X-Head-of-Message-->
<em>From</em>: Apple Product Security via Fulldisclosure <fulldisclosure () seclists org>
<em>Date</em>: Thu, 07 Mar 2024 18:23:25 -0800
<!--X-Head-of-Message-End-->
<!--X-Head-Body-Sep-Begin-->
<hr>
<!--X-Head-Body-Sep-End-->
<!--X-Body-of-Message-->
<pre style="margin: 0em;">-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
APPLE-SA-03-07-2024-4 macOS Monterey 12.7.4
macOS Monterey 12.7.4 addresses the following issues.
Information about the security content is also available at
<a rel="nofollow" href="https://support.apple.com/kb/HT214083">https://support.apple.com/kb/HT214083</a>.
Apple maintains a Security Releases page at
<a rel="nofollow" href="https://support.apple.com/HT201222">https://support.apple.com/HT201222</a> which lists recent
software updates with security advisories.
Admin Framework
Available for: macOS Monterey
Impact: An app may be able to elevate privileges
Description: A logic issue was addressed with improved checks.
CVE-2024-23276: Kirin (@Pwnrin)
Airport
Available for: macOS Monterey
Impact: An app may be able to read sensitive location information
Description: This issue was addressed with improved redaction of
sensitive information.
CVE-2024-23227: Brian McNulty
AppleMobileFileIntegrity
Available for: macOS Monterey
Impact: An app may be able to modify protected parts of the file system
Description: A downgrade issue affecting Intel-based Mac computers was
addressed with additional code-signing restrictions.
CVE-2024-23269: Mickey Jin (@patch1t)
ColorSync
Available for: macOS Monterey
Impact: Processing a file may lead to unexpected app termination or
arbitrary code execution
Description: The issue was addressed with improved memory handling.
CVE-2024-23247: m4yfly with TianGong Team of Legendsec at Qi'anxin Group
CoreCrypto
Available for: macOS Monterey
Impact: An attacker may be able to decrypt legacy RSA PKCS#1 v1.5
ciphertexts without having the private key
Description: A timing side-channel issue was addressed with improvements
to constant-time computation in cryptographic functions.
CVE-2024-23218: Clemens Lang
Dock
Available for: macOS Monterey
Impact: An app from a standard user account may be able to escalate
privilege after admin user login
Description: A logic issue was addressed with improved restrictions.
CVE-2024-23244: Csaba Fitzl (@theevilbit) of OffSec
Image Processing
Available for: macOS Monterey
Impact: An app may be able to execute arbitrary code with kernel
privileges
Description: The issue was addressed with improved memory handling.
CVE-2024-23270: an anonymous researcher
ImageIO
Available for: macOS Monterey
Impact: Processing an image may lead to arbitrary code execution
Description: A buffer overflow issue was addressed with improved memory
handling.
CVE-2024-23286: Dohyun Lee (@l33d0hyun)
ImageIO
Available for: macOS Monterey
Impact: Processing an image may result in disclosure of process memory
Description: The issue was addressed with improved memory handling.
CVE-2024-23257: Junsung Lee working with Trend Micro Zero Day Initiative
Intel Graphics Driver
Available for: macOS Monterey
Impact: An app may be able to execute arbitrary code with kernel
privileges
Description: An out-of-bounds write issue was addressed with improved
input validation.
CVE-2024-23234: Murray Mike
Kerberos v5 PAM module
Available for: macOS Monterey
Impact: An app may be able to modify protected parts of the file system
Description: The issue was addressed with improved checks.
CVE-2024-23266: Pedro Tôrres (@t0rr3sp3dr0)
Kernel
Available for: macOS Monterey
Impact: An app may be able to cause unexpected system termination or
write kernel memory
Description: A memory corruption vulnerability was addressed with
improved locking.
CVE-2024-23265: Xinru Chi of Pangu Lab
Kernel
Available for: macOS Monterey
Impact: An attacker with arbitrary kernel read and write capability may
be able to bypass kernel memory protections. Apple is aware of a report
that this issue may have been exploited.
Description: A memory corruption issue was addressed with improved
validation.
CVE-2024-23225
libxpc
Available for: macOS Monterey
Impact: An app may be able to cause a denial-of-service
Description: A permissions issue was addressed with additional
restrictions.
CVE-2024-23201: Koh M. Nakagawa of FFRI Security, Inc. and an anonymous
researcher
MediaRemote
Available for: macOS Monterey
Impact: An app may be able to access sensitive user data
Description: This issue was addressed with improved redaction of
sensitive information.
CVE-2023-28826: Meng Zhang (鲸落) of NorthSea
Metal
Available for: macOS Monterey
Impact: An application may be able to read restricted memory
Description: A validation issue was addressed with improved input
sanitization.
CVE-2024-23264: Meysam Firouzi @R00tkitsmm working with Trend Micro Zero
Day Initiative
Notes
Available for: macOS Monterey
Impact: An app may be able to access user-sensitive data
Description: A privacy issue was addressed with improved private data
redaction for log entries.
CVE-2024-23283
PackageKit
Available for: macOS Monterey
Impact: An app may be able to elevate privileges
Description: An injection issue was addressed with improved input
validation.
CVE-2024-23274: Bohdan Stasiuk (@Bohdan_Stasiuk)
CVE-2024-23268: Mickey Jin (@patch1t), and Pedro Tôrres (@t0rr3sp3dr0)
PackageKit
Available for: macOS Monterey
Impact: An app may be able to access protected user data
Description: A race condition was addressed with additional validation.
CVE-2024-23275: Mickey Jin (@patch1t)
PackageKit
Available for: macOS Monterey
Impact: An app may be able to bypass certain Privacy preferences
Description: The issue was addressed with improved checks.
CVE-2024-23267: Mickey Jin (@patch1t)
PackageKit
Available for: macOS Monterey
Impact: An app may be able to overwrite arbitrary files
Description: A path handling issue was addressed with improved
validation.
CVE-2024-23216: Pedro Tôrres (@t0rr3sp3dr0)
SharedFileList
Available for: macOS Monterey
Impact: An app may be able to access sensitive user data
Description: This issue was addressed with improved file handling.
CVE-2024-23230: Mickey Jin (@patch1t)
Shortcuts
Available for: macOS Monterey
Impact: A shortcut may be able to use sensitive data with certain
actions without prompting the user
Description: The issue was addressed with additional permissions checks.
CVE-2024-23204: Jubaer Alnazi (@h33tjubaer)
Shortcuts
Available for: macOS Monterey
Impact: Third-party shortcuts may use a legacy action from Automator to
send events to apps without user consent
Description: This issue was addressed by adding an additional prompt for
user consent.
CVE-2024-23245: an anonymous researcher
Storage Services
Available for: macOS Monterey
Impact: A user may gain access to protected parts of the file system
Description: A logic issue was addressed with improved checks.
CVE-2024-23272: Mickey Jin (@patch1t)
macOS Monterey 12.7.4 may be obtained from the Mac App Store or
Apple's Software Downloads web site:
<a rel="nofollow" href="https://support.apple.com/downloads/">https://support.apple.com/downloads/</a>
All information is also posted on the Apple Security Releases
web site: <a rel="nofollow" href="https://support.apple.com/en-us/HT201222">https://support.apple.com/en-us/HT201222</a>.
This message is signed with Apple's Product Security PGP key,
and details are available at:
<a rel="nofollow" href="https://www.apple.com/support/security/pgp/">https://www.apple.com/support/security/pgp/</a>
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEsz9altA7uTI+rE/qX+5d1TXaIvoFAmXqccMACgkQX+5d1TXa
IvoRPw//aOvhmfw+nqXXgAMv5Ptm8/G29gC7vtiS6WVFJsmUEQA5aM5P8KYRT1VP
UtxDS0ShqKze958tIsiGpOshP7jildMmv52VKLG3HIV8XTTgiSBmO7ODPheGQaaG
wgUkoZbue7VRSr9UZEm8qbLPdJpCUIbSWJImRbE6k4+Ap1IqRsYVv01gLN9+Ohhw
tv6ObXbqeKI7EjRcfxqAG/SdehWg2azogMsdrq+wfpaEZG+Fy6B2NPu8AOcKICRQ
to8JKPWMvtoGjbns5r8OPd9O29z3icsIB8b3qfQZHTc5i/eWi++VoAhLR2lEq8Ts
hUPbOyf1AU4BeFKCC2MI060lOwK1WE4LRvD/CWv0g02b+yW9lXQ5xTah4+ycYaEp
vXbxtlp7Da8s0XTDACFVvfMMN7fi3NIBSjwtz6YnqN6cxVnV/re69UYwuT44aJ4s
UA5NElkhe7NZJ1+QQ5mSws19+PjP7TZpdeaPxxQfr6JN2Mi0a52tCaCmF0gIZHJj
/HyjQzJHb40w5e4Vqw2r4GxvgZvjmUiW4pvPXgKD+6Ykp+g4lhHldSSFnDakjSy3
OUM2idhKAHeHdFSm6UEv4ehhJM660DbDRujaZPpVuSKpcqKS79vcjs/gD/EGt/uG
rhwMQd321+WzaKcGxu0gbAVRMzAtP/yxMEovCU2zFfh3AxbopDg=
=KbmJ
-----END PGP SIGNATURE-----
_______________________________________________
Sent through the Full Disclosure mailing list
<a rel="nofollow" href="https://nmap.org/mailman/listinfo/fulldisclosure">https://nmap.org/mailman/listinfo/fulldisclosure</a>
Web Archives & RSS: <a rel="nofollow" href="https://seclists.org/fulldisclosure/">https://seclists.org/fulldisclosure/</a></pre>
<!--X-Body-of-Message-End-->
<!--X-MsgBody-End-->
<!--X-Follow-Ups-->
<hr>
<!--X-Follow-Ups-End-->
<!--X-References-->
<!--X-References-End-->
<!--X-BotPNI-->
<div class="nav-bar">
<div class="nav-link">
<a href="22"><img src="/images/left-icon-16x16.png" alt="Previous" width="16" height="16"></a>
<a href="date.html#23">By Date</a>
<a href="24"><img src="/images/right-icon-16x16.png" alt="Next" width="16" height="16"></a>
</div>
<div class="nav-link">
<a href="22"><img src="/images/left-icon-16x16.png" alt="Previous" width="16" height="16"></a>
<a href="index.html#23">By Thread</a>
<a href="24"><img src="/images/right-icon-16x16.png" alt="Next" width="16" height="16"></a>
</div>
</div>
<h3 class="m-thread">Current thread:</h3>
<ul class="thread">
<li><strong>APPLE-SA-03-07-2024-4 macOS Monterey 12.7.4</strong> <em>Apple Product Security via Fulldisclosure (Mar 13)</em>
</li></ul>
<!--X-BotPNI-End-->
<!--X-User-Footer-->
<!--X-User-Footer-End-->
<p>