Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

APPLE-SA-2020-1-28-3 watchOS 6.1.2

Related Vulnerabilities: CVE-2020-3877   CVE-2020-3857   CVE-2020-3870   CVE-2020-3878   CVE-2020-3837   CVE-2020-3875   CVE-2020-3836   CVE-2020-3872   CVE-2020-3842   CVE-2020-3834   CVE-2020-3860   CVE-2020-3853   CVE-2020-3856   CVE-2020-3829   CVE-2020-3838  
Source 
                							

                <!--X-Body-Begin-->
<!--X-User-Header-->
<a href="/fulldisclosure/"><img src="/images/fulldisclosure-logo.png" class="l-logo right" alt="fulldisclosure logo" width="80"></a>
<h2 class="m-list"><a href="/fulldisclosure/">Full Disclosure</a>
mailing list archives</h2>
<!--X-User-Header-End-->
<!--X-TopPNI-->
<div class="nav-bar">
<div class="nav-link">
<a href="40"><img src="/images/left-icon-16x16.png" alt="Previous" width="16" height="16"></a>
<a href="date.html#41">By Date</a>
<a href="42"><img src="/images/right-icon-16x16.png" alt="Next" width="16" height="16"></a>
</div>
<div class="nav-link">
<a href="40"><img src="/images/left-icon-16x16.png" alt="Previous" width="16" height="16"></a>
<a href="index.html#41">By Thread</a>
<a href="42"><img src="/images/right-icon-16x16.png" alt="Next" width="16" height="16"></a>
</div>
<form class="nst-search center" action="/search/fulldisclosure">
<input class="nst-search-q" name="q" type="search" placeholder="List Archive Search">
<button class="nst-search-button" title="Search">
<img style="width:100%;aspect-ratio:1/1;" alt="" aria-hidden="true" src="/shared/images/nst-icons.svg#search">
</button>
</form>

</div>

<!--X-TopPNI-End-->
<!--X-MsgBody-->
<!--X-Subject-Header-Begin-->
<h1 class="m-title">APPLE-SA-2020-1-28-3 watchOS 6.1.2</h1>
<hr>
<!--X-Subject-Header-End-->
<!--X-Head-of-Message-->


<em>From</em>: Apple Product Security via Fulldisclosure &lt;fulldisclosure () seclists org&gt;


<em>Date</em>: Tue, 28 Jan 2020 14:36:35 -0800


<!--X-Head-of-Message-End-->
<!--X-Head-Body-Sep-Begin-->
<hr>
<!--X-Head-Body-Sep-End-->
<!--X-Body-of-Message-->
<pre style="margin: 0em;">-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

APPLE-SA-2020-1-28-3 watchOS 6.1.2

watchOS 6.1.2 is now available and addresses the following:

AnnotationKit
Available for: Apple Watch Series 1 and later
Impact: A remote attacker may be able to cause unexpected application
termination or arbitrary code execution
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2020-3877: an anonymous researcher working with Trend Micro's
Zero Day Initiative

Audio
Available for: Apple Watch Series 1 and later
Impact: An application may be able to execute arbitrary code with
system privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2020-3857: Zhuo Liang of Qihoo 360 Vulcan Team

ImageIO
Available for: Apple Watch Series 1 and later
Impact: Processing a maliciously crafted image may lead to arbitrary
code execution
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2020-3870
CVE-2020-3878: Samuel Groß of Google Project Zero

IOAcceleratorFamily
Available for: Apple Watch Series 1 and later
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2020-3837: Brandon Azad of Google Project Zero

Kernel
Available for: Apple Watch Series 1 and later
Impact: An application may be able to read restricted memory
Description: A validation issue was addressed with improved input
sanitization.
CVE-2020-3875: Brandon Azad of Google Project Zero

Kernel
Available for: Apple Watch Series 1 and later
Impact: A malicious application may be able to determine kernel
memory layout
Description: An access issue was addressed with improved memory
management.
CVE-2020-3836: Brandon Azad of Google Project Zero

Kernel
Available for: Apple Watch Series 1 and later
Impact: An application may be able to read restricted memory
Description: A memory initialization issue was addressed with
improved memory handling.
CVE-2020-3872: Haakon Garseg Mørk of Cognite and Cim Stordal of
Cognite

Kernel
Available for: Apple Watch Series 1 and later
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2020-3842: Ned Williamson working with Google Project Zero

Kernel
Available for: Apple Watch Series 1 and later
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
state management.
CVE-2020-3834: Xiaolong Bai and Min (Spark) Zheng of Alibaba Inc,
Luyi Xing of Indiana University Bloomington

Kernel
Available for: Apple Watch Series 1 and later
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
input validation.
CVE-2020-3860: Proteas of Qihoo 360 Nirvan Team

Kernel
Available for: Apple Watch Series 1 and later
Impact: A malicious application may be able to execute arbitrary code
with system privileges
Description: A type confusion issue was addressed with improved
memory handling.
CVE-2020-3853: Brandon Azad of Google Project Zero

libxpc
Available for: Apple Watch Series 1 and later
Impact: Processing a maliciously crafted string may lead to heap
corruption
Description: A memory corruption issue was addressed with improved
input validation.
CVE-2020-3856: Ian Beer of Google Project Zero

libxpc
Available for: Apple Watch Series 1 and later
Impact: An application may be able to gain elevated privileges
Description: An out-of-bounds read was addressed with improved bounds
checking.
CVE-2020-3829: Ian Beer of Google Project Zero

wifivelocityd
Available for: Apple Watch Series 1 and later
Impact: An application may be able to execute arbitrary code with
system privileges
Description: The issue was addressed with improved permissions logic.
CVE-2020-3838: Dayton Pidhirney (@_watbulb)

Additional recognition

IOSurface
We would like to acknowledge Liang Chen (@chenliang0817) for their
assistance.

Installation note:

Instructions on how to update your Apple Watch software are
available at <a rel="nofollow" href="https://support.apple.com/kb/HT204641">https://support.apple.com/kb/HT204641</a>

To check the version on your Apple Watch, open the Apple Watch app
on your iPhone and select "My Watch &gt; General &gt; About".

Alternatively, on your watch, select "My Watch &gt; General &gt; About".

Information will also be posted to the Apple Security Updates
web site: <a rel="nofollow" href="https://support.apple.com/kb/HT201222">https://support.apple.com/kb/HT201222</a>

This message is signed with Apple's Product Security PGP key,
and details are available at:
<a rel="nofollow" href="https://www.apple.com/support/security/pgp/">https://www.apple.com/support/security/pgp/</a>
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEM5FaaFRjww9EJgvRBz4uGe3y0M0FAl4whoIACgkQBz4uGe3y
0M2stQ/+OuyWKYzmyoukbioqc52unZuM9BR/7DSPTXV3V2DZiOnbB9g/GjSXfZ6B
MwgIrhKfXW3krfSQFgeQVeAeoZWSYNpp3+C+gmc1o1sJwuFOIljiLGLAZGYh18u+
/eLLKFPQEmTn7JxQyIltCmVba3RHK0/ejmM9Ixrxz7LfwDlYJAJpfUnv7othupHx
17VvkPb4FRIiwpi1XF3iqDAtm6KXe8PJth5HaLpvLFUFo+AqEIF1UdK6iB4Sn6GO
Qm5xmuJHLZvz6Bbz211LcWmyR5qFtp/FsIDIR9kX8g1DnaUY4/7atF5CAwA4hiz5
dW+2hYwG7XLg2b0i+MMatEOrT90CAfb1gMK2WdAbPOfVkuCDAM4GAGI1EkCYPUhP
/nxw9EVPlfSkxqcIRgw4dg3T3Sij29UAoh8R11I+Q4rkWZU6t8QDohZ8Nwo1W3DZ
XCa5sRmoXw5oKgQTby+aDd2Bk5IeLWThOJy0sx42BlMAhynh008PJZmFIQLXwgiI
5Scf2BMc8SxO1TwuyTyOoOx3Y82PfFw1Pw7dgoNlXcMZa/nzSUEzg7zJhKr3JGs+
tusuHY5pFE5ATTVifBPREyPc79KhaLF4BjlH58VYaPw09jyC0cb8C61foGsR1BjT
Ua+Wg313tcHsC4gUUFn9dtLzJcgx+7GlDglpAPGIxd7OOeotvD8=
=ZxyW
-----END PGP SIGNATURE-----


_______________________________________________
Sent through the Full Disclosure mailing list
<a rel="nofollow" href="https://nmap.org/mailman/listinfo/fulldisclosure">https://nmap.org/mailman/listinfo/fulldisclosure</a>
Web Archives &amp; RSS: <a rel="nofollow" href="http://seclists.org/fulldisclosure/">http://seclists.org/fulldisclosure/</a></pre>
<!--X-Body-of-Message-End-->
<!--X-MsgBody-End-->
<!--X-Follow-Ups-->
<hr>
<!--X-Follow-Ups-End-->
<!--X-References-->
<!--X-References-End-->
<!--X-BotPNI-->
<div class="nav-bar">
<div class="nav-link">
<a href="40"><img src="/images/left-icon-16x16.png" alt="Previous" width="16" height="16"></a>
<a href="date.html#41">By Date</a>
<a href="42"><img src="/images/right-icon-16x16.png" alt="Next" width="16" height="16"></a>
</div>
<div class="nav-link">
<a href="40"><img src="/images/left-icon-16x16.png" alt="Previous" width="16" height="16"></a>
<a href="index.html#41">By Thread</a>
<a href="42"><img src="/images/right-icon-16x16.png" alt="Next" width="16" height="16"></a>
</div>
</div>
<h3 class="m-thread">Current thread:</h3>
<ul class="thread">
<li><strong>APPLE-SA-2020-1-28-3 watchOS 6.1.2</strong> <em>Apple Product Security via Fulldisclosure (Jan 31)</em>
</li></ul>


<!--X-BotPNI-End-->
<!--X-User-Footer-->
<!--X-User-Footer-End-->
<p>

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook

Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started