(2020年7月16日掲載)
Appleより、watchOS 6.2.8、tvOS 13.4.8 がリリースされました。
以下の点が更新されていますのでリリースノートより引用いたします。
※一部英語表記にて引用致します。
watchOS 6.2.8には新機能と改善が含まれています。
一部の機能は地域やAppleデバイスによっては利用できないことがあります。Appleソフトウェア・アップデートのセキュリティコンテンツについては、以下のWebサイトをご覧ください: https://support.apple.com/ja-jp/HT201222
Released July 15, 2020
Audio
Available for: Apple TV 4K and Apple TV HD
Impact: Processing a maliciously crafted audio file may lead to arbitrary code execution
Description: An out-of-bounds write issue was addressed with improved bounds checking.
CVE-2020-9889: JunDong Xie and XingWei Li of Ant-financial Light-Year Security Lab
Audio
Available for: Apple TV 4K and Apple TV HD
Impact: Processing a maliciously crafted audio file may lead to arbitrary code execution
Description: An out-of-bounds read was addressed with improved bounds checking.
CVE-2020-9888: JunDong Xie and XingWei Li of Ant-financial Light-Year Security Lab
CVE-2020-9890: JunDong Xie and XingWei Li of Ant-financial Light-Year Security Lab
CVE-2020-9891: JunDong Xie and XingWei Li of Ant-financial Light-Year Security Lab
AVEVideoEncoder
Available for: Apple TV 4K and Apple TV HD
Impact: An application may be able to execute arbitrary code with kernel privileges
Description: A memory corruption issue was addressed by removing the vulnerable code.
CVE-2020-9907: an anonymous researcher
Crash Reporter
Available for: Apple TV 4K and Apple TV HD
Impact: A malicious application may be able to break out of its sandbox
Description: A memory corruption issue was addressed by removing the vulnerable code.
CVE-2020-9865: Zhuo Liang of Qihoo 360 Vulcan Team working with 360 BugCloud
GeoServices
Available for: Apple TV 4K and Apple TV HD
Impact: A malicious application may be able to read sensitive location information
Description: An authorization issue was addressed with improved state management.
CVE-2020-9933: Min (Spark) Zheng and Xiaolong Bai of Alibaba Inc.
iAP
Available for: Apple TV 4K and Apple TV HD
Impact: An attacker in a privileged network position may be able to execute arbitrary code
Description: An input validation issue existed in Bluetooth. This issue was addressed with improved input validation.
CVE-2020-9914: Andy Davis of NCC Group
ImageIO
Available for: Apple TV 4K and Apple TV HD
Impact: Processing a maliciously crafted image may lead to arbitrary code execution
Description: An out-of-bounds write issue was addressed with improved bounds checking.
CVE-2020-9936: Mickey Jin of Trend Micro
Kernel
Available for: Apple TV 4K and Apple TV HD
Impact: An attacker in a privileged network position may be able to inject into active connections within a VPN tunnel
Description: A routing issue was addressed with improved restrictions.
CVE-2019-14899: William J. Tolley, Beau Kujath, and Jedidiah R. Crandall
Kernel
Available for: Apple TV 4K and Apple TV HD
Impact: An attacker that has already achieved kernel code execution may be able to bypass kernel memory mitigations
Description: An out-of-bounds read was addressed with improved bounds checking.
CVE-2020-9909: Brandon Azad of Google Project Zero
WebKit
Available for: Apple TV 4K and Apple TV HD
Impact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution
Description: An out-of-bounds read was addressed with improved input validation.
CVE-2020-9894: 0011 working with Trend Micro Zero Day Initiative
WebKit
Available for: Apple TV 4K and Apple TV HD
Impact: Processing maliciously crafted web content may prevent Content Security Policy from being enforced
Description: An access issue existed in Content Security Policy. This issue was addressed with improved access restrictions.
CVE-2020-9915: an anonymous researcher
WebKit
Available for: Apple TV 4K and Apple TV HD
Impact: Processing maliciously crafted web content may lead to universal cross site scripting
Description: A logic issue was addressed with improved state management.
CVE-2020-9925: an anonymous researcher
WebKit
Available for: Apple TV 4K and Apple TV HD
Impact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution
Description: A use after free issue was addressed with improved memory management.
CVE-2020-9893: 0011 working with Trend Micro Zero Day Initiative
CVE-2020-9895: Wen Xu of SSLab, Georgia Tech
WebKit
Available for: Apple TV 4K and Apple TV HD
Impact: A malicious attacker with arbitrary read and write capability may be able to bypass Pointer Authentication
Description: Multiple issues were addressed with improved logic.
CVE-2020-9910: Samuel Groß of Google Project Zero
WebKit Page Loading
Available for: Apple TV 4K and Apple TV HD
Impact: A malicious attacker may be able to conceal the destination of a URL
Description: A URL Unicode encoding issue was addressed with improved state management.
CVE-2020-9916: Rakesh Mane (@RakeshMane10)
WebKit Web Inspector
Available for: Apple TV 4K and Apple TV HD
Impact: Copying a URL from Web Inspector may lead to command injection
Description: A command injection issue existed in Web Inspector. This issue was addressed with improved escaping.
CVE-2020-9862: Ophir Lojkine (@lovasoa)
Wi-Fi
Available for: Apple TV 4K and Apple TV HD
Impact: A remote attacker may be able to cause unexpected system termination or corrupt kernel memory
Description: An out-of-bounds read was addressed with improved input validation.
CVE-2020-9918: Jianjun Dai of 360 Alpha Lab working with 360 BugCloud (bugcloud.360.cn)
Kernel
We would like to acknowledge Brandon Azad of Google Project Zero for their assistance.
Information about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. Contact the vendor for additional information.