Vulmon
<!--X-Body-Begin-->
<!--X-User-Header-->
<a href="/fulldisclosure/"><img src="/images/fulldisclosure-logo.png" class="l-logo right" alt="fulldisclosure logo" width="80"></a>
<h2 class="m-list"><a href="/fulldisclosure/">Full Disclosure</a>
mailing list archives</h2>
<!--X-User-Header-End-->
<!--X-TopPNI-->
<div class="nav-bar">
<div class="nav-link">
<a href="21"><img src="/images/left-icon-16x16.png" alt="Previous" width="16" height="16"></a>
<a href="date.html#22">By Date</a>
<a href="23"><img src="/images/right-icon-16x16.png" alt="Next" width="16" height="16"></a>
</div>
<div class="nav-link">
<a href="21"><img src="/images/left-icon-16x16.png" alt="Previous" width="16" height="16"></a>
<a href="index.html#22">By Thread</a>
<a href="23"><img src="/images/right-icon-16x16.png" alt="Next" width="16" height="16"></a>
</div>
<form class="nst-search center" action="/search/fulldisclosure">
<input class="nst-search-q" name="q" type="search" placeholder="List Archive Search">
<button class="nst-search-button" title="Search">
<img style="width:100%;aspect-ratio:1/1;" alt="" aria-hidden="true" src="/shared/images/nst-icons.svg#search">
</button>
</form>
</div>
<!--X-TopPNI-End-->
<!--X-MsgBody-->
<!--X-Subject-Header-Begin-->
<h1 class="m-title">APPLE-SA-03-07-2024-3 macOS Ventura 13.6.5</h1>
<hr>
<!--X-Subject-Header-End-->
<!--X-Head-of-Message-->
<em>From</em>: Apple Product Security via Fulldisclosure <fulldisclosure () seclists org>
<em>Date</em>: Thu, 07 Mar 2024 18:23:01 -0800
<!--X-Head-of-Message-End-->
<!--X-Head-Body-Sep-Begin-->
<hr>
<!--X-Head-Body-Sep-End-->
<!--X-Body-of-Message-->
<pre style="margin: 0em;">-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
APPLE-SA-03-07-2024-3 macOS Ventura 13.6.5
macOS Ventura 13.6.5 addresses the following issues.
Information about the security content is also available at
<a rel="nofollow" href="https://support.apple.com/kb/HT214085">https://support.apple.com/kb/HT214085</a>.
Apple maintains a Security Releases page at
<a rel="nofollow" href="https://support.apple.com/HT201222">https://support.apple.com/HT201222</a> which lists recent
software updates with security advisories.
Admin Framework
Available for: macOS Ventura
Impact: An app may be able to elevate privileges
Description: A logic issue was addressed with improved checks.
CVE-2024-23276: Kirin (@Pwnrin)
Airport
Available for: macOS Ventura
Impact: An app may be able to read sensitive location information
Description: This issue was addressed with improved redaction of
sensitive information.
CVE-2024-23227: Brian McNulty
AppleMobileFileIntegrity
Available for: macOS Ventura
Impact: An app may be able to modify protected parts of the file system
Description: A downgrade issue affecting Intel-based Mac computers was
addressed with additional code-signing restrictions.
CVE-2024-23269: Mickey Jin (@patch1t)
ColorSync
Available for: macOS Ventura
Impact: Processing a file may lead to unexpected app termination or
arbitrary code execution
Description: The issue was addressed with improved memory handling.
CVE-2024-23247: m4yfly with TianGong Team of Legendsec at Qi'anxin Group
CoreCrypto
Available for: macOS Ventura
Impact: An attacker may be able to decrypt legacy RSA PKCS#1 v1.5
ciphertexts without having the private key
Description: A timing side-channel issue was addressed with improvements
to constant-time computation in cryptographic functions.
CVE-2024-23218: Clemens Lang
Image Processing
Available for: macOS Ventura
Impact: An app may be able to execute arbitrary code with kernel
privileges
Description: The issue was addressed with improved memory handling.
CVE-2024-23270: an anonymous researcher
ImageIO
Available for: macOS Ventura
Impact: Processing an image may lead to arbitrary code execution
Description: A buffer overflow issue was addressed with improved memory
handling.
CVE-2024-23286: Dohyun Lee (@l33d0hyun)
ImageIO
Available for: macOS Ventura
Impact: Processing an image may result in disclosure of process memory
Description: The issue was addressed with improved memory handling.
CVE-2024-23257: Junsung Lee working with Trend Micro Zero Day Initiative
Intel Graphics Driver
Available for: macOS Ventura
Impact: An app may be able to execute arbitrary code with kernel
privileges
Description: An out-of-bounds write issue was addressed with improved
input validation.
CVE-2024-23234: Murray Mike
Kerberos v5 PAM module
Available for: macOS Ventura
Impact: An app may be able to modify protected parts of the file system
Description: The issue was addressed with improved checks.
CVE-2024-23266: Pedro Tôrres (@t0rr3sp3dr0)
Kernel
Available for: macOS Ventura
Impact: An app may be able to cause unexpected system termination or
write kernel memory
Description: A memory corruption vulnerability was addressed with
improved locking.
CVE-2024-23265: Xinru Chi of Pangu Lab
Kernel
Available for: macOS Ventura
Impact: An attacker with arbitrary kernel read and write capability may
be able to bypass kernel memory protections. Apple is aware of a report
that this issue may have been exploited.
Description: A memory corruption issue was addressed with improved
validation.
CVE-2024-23225
libxpc
Available for: macOS Ventura
Impact: An app may be able to cause a denial-of-service
Description: A permissions issue was addressed with additional
restrictions.
CVE-2024-23201: Koh M. Nakagawa of FFRI Security, Inc., an anonymous
researcher
libxpc
Available for: macOS Ventura
Impact: An app may be able to break out of its sandbox
Description: The issue was addressed with improved checks.
CVE-2024-23278: an anonymous researcher
MediaRemote
Available for: macOS Ventura
Impact: An app may be able to access sensitive user data
Description: This issue was addressed with improved redaction of
sensitive information.
CVE-2023-28826: Meng Zhang (鲸落) of NorthSea
Metal
Available for: macOS Ventura
Impact: An application may be able to read restricted memory
Description: A validation issue was addressed with improved input
sanitization.
CVE-2024-23264: Meysam Firouzi @R00tkitsmm working with Trend Micro Zero
Day Initiative
Notes
Available for: macOS Ventura
Impact: An app may be able to access user-sensitive data
Description: A privacy issue was addressed with improved private data
redaction for log entries.
CVE-2024-23283
PackageKit
Available for: macOS Ventura
Impact: An app may be able to elevate privileges
Description: An injection issue was addressed with improved input
validation.
CVE-2024-23274: Bohdan Stasiuk (@Bohdan_Stasiuk)
CVE-2024-23268: Mickey Jin (@patch1t) and Pedro Tôrres (@t0rr3sp3dr0)
PackageKit
Available for: macOS Ventura
Impact: An app may be able to access protected user data
Description: A race condition was addressed with additional validation.
CVE-2024-23275: Mickey Jin (@patch1t)
PackageKit
Available for: macOS Ventura
Impact: An app may be able to bypass certain Privacy preferences
Description: The issue was addressed with improved checks.
CVE-2024-23267: Mickey Jin (@patch1t)
PackageKit
Available for: macOS Ventura
Impact: An app may be able to overwrite arbitrary files
Description: A path handling issue was addressed with improved
validation.
CVE-2024-23216: Pedro Tôrres (@t0rr3sp3dr0)
Share Sheet
Available for: macOS Ventura
Impact: An app may be able to access user-sensitive data
Description: A privacy issue was addressed with improved private data
redaction for log entries.
CVE-2024-23231: Kirin (@Pwnrin) and luckyu (@uuulucky)
SharedFileList
Available for: macOS Ventura
Impact: An app may be able to access sensitive user data
Description: This issue was addressed with improved file handling.
CVE-2024-23230: Mickey Jin (@patch1t)
Shortcuts
Available for: macOS Ventura
Impact: A shortcut may be able to use sensitive data with certain
actions without prompting the user
Description: The issue was addressed with additional permissions checks.
CVE-2024-23203: an anonymous researcher
CVE-2024-23204: Jubaer Alnazi (@h33tjubaer)
Shortcuts
Available for: macOS Ventura
Impact: Third-party shortcuts may use a legacy action from Automator to
send events to apps without user consent
Description: This issue was addressed by adding an additional prompt for
user consent.
CVE-2024-23245: an anonymous researcher
Shortcuts
Available for: macOS Ventura
Impact: An app may be able to bypass certain Privacy preferences
Description: A privacy issue was addressed with improved handling of
temporary files.
CVE-2024-23217: Kirin (@Pwnrin)
Storage Services
Available for: macOS Ventura
Impact: A user may gain access to protected parts of the file system
Description: A logic issue was addressed with improved checks.
CVE-2024-23272: Mickey Jin (@patch1t)
macOS Ventura 13.6.5 may be obtained from the Mac App Store or
Apple's Software Downloads web site:
<a rel="nofollow" href="https://support.apple.com/downloads/">https://support.apple.com/downloads/</a>
All information is also posted on the Apple Security Releases
web site: <a rel="nofollow" href="https://support.apple.com/en-us/HT201222">https://support.apple.com/en-us/HT201222</a>.
This message is signed with Apple's Product Security PGP key,
and details are available at:
<a rel="nofollow" href="https://www.apple.com/support/security/pgp/">https://www.apple.com/support/security/pgp/</a>
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEsz9altA7uTI+rE/qX+5d1TXaIvoFAmXqcaEACgkQX+5d1TXa
IvoxgRAAopj1LTj5OMQaCGmWOuKH1O6geW0dtsuuHvVcr0LbyFZrY6okYdZKCKO1
/QHiWW/p81kH2QFMP77CDsfO0Un15UKn3OfiMacI0i4H3LMg6oqy6rZ43ZOq6TH9
m03pRKWFon6com84LPbSR4sc96+axgfqLPvxOWIiYcgaq3XVbdarWX9vMbNv7C1n
4dOcXlfi0f0yZrWHL0hyZvxjpGXzAJ6CFpC5CkM7QjX7nKkwyg5g932XstP3o19u
GHakPEtECLgZ4v9DdXJRsSzoF75+Ac0Ckl3e9oLTucgNDE0IDGct32nIMgT4N8Zp
ONC2+63xROLYdwr5lcs/k8zgJ+yyvsExale28wkF6jLgCj5lSYiaJY5ghoScPh03
YIfDAgLl93uDxcJVv4Xk3tzArF1vTG0rUmGPVvMvMFMp0vG7oiGLNZZPbOKo4fif
XZ02WqPJdAoRvwoGSPm7As7zToAXQENbZw18YAXA95cwOorNuNbzTuN5qP1EKGfh
M+sg30PVxwL0Zqq1PqWqZl7qrhtOn/x/aul/m7J2RwBMHFmLM0B5g0l8lV9JlPo4
8Gd/iKzmLw0SZmIutoPMODw6DHySi2A+i9Za0nAL2EQ5j4GVe6W1QARvkr2EgTQl
K/qMrSOOzwmqwn251Aqag/+beUKYUjVcFXiLAtYlTVwQVgoyXNs=
=BUE7
-----END PGP SIGNATURE-----
_______________________________________________
Sent through the Full Disclosure mailing list
<a rel="nofollow" href="https://nmap.org/mailman/listinfo/fulldisclosure">https://nmap.org/mailman/listinfo/fulldisclosure</a>
Web Archives & RSS: <a rel="nofollow" href="https://seclists.org/fulldisclosure/">https://seclists.org/fulldisclosure/</a></pre>
<!--X-Body-of-Message-End-->
<!--X-MsgBody-End-->
<!--X-Follow-Ups-->
<hr>
<!--X-Follow-Ups-End-->
<!--X-References-->
<!--X-References-End-->
<!--X-BotPNI-->
<div class="nav-bar">
<div class="nav-link">
<a href="21"><img src="/images/left-icon-16x16.png" alt="Previous" width="16" height="16"></a>
<a href="date.html#22">By Date</a>
<a href="23"><img src="/images/right-icon-16x16.png" alt="Next" width="16" height="16"></a>
</div>
<div class="nav-link">
<a href="21"><img src="/images/left-icon-16x16.png" alt="Previous" width="16" height="16"></a>
<a href="index.html#22">By Thread</a>
<a href="23"><img src="/images/right-icon-16x16.png" alt="Next" width="16" height="16"></a>
</div>
</div>
<h3 class="m-thread">Current thread:</h3>
<ul class="thread">
<li><strong>APPLE-SA-03-07-2024-3 macOS Ventura 13.6.5</strong> <em>Apple Product Security via Fulldisclosure (Mar 13)</em>
</li></ul>
<!--X-BotPNI-End-->
<!--X-User-Footer-->
<!--X-User-Footer-End-->
<p>