[prev in list] [next in list] [prev in thread] [next in thread] 

List:       full-disclosure
Subject:    [FD] APPLE-SA-2020-12-14-7 tvOS 14.3
From:       Apple Product Security via Fulldisclosure <fulldisclosure () seclists ! org>
Date:       2020-12-15 1:17:54
Message-ID: 21B45CC2-C08D-4243-930D-C2C5CC5D01C7 () lists ! apple ! com
[Download RAW message or body]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

APPLE-SA-2020-12-14-7 tvOS 14.3

tvOS 14.3 addresses the following issues. Information about the
security content is also available at
https://support.apple.com/HT212005.

CoreAudio
Available for: Apple TV 4K and Apple TV HD
Impact: Processing a maliciously crafted audio file may lead to
arbitrary code execution
Description: An out-of-bounds write issue was addressed with improved
bounds checking.
CVE-2020-27948: JunDong Xie of Ant Security Light-Year Lab

FontParser
Available for: Apple TV 4K and Apple TV HD
Impact: Processing a maliciously crafted font may result in the
disclosure of process memory
Description: An information disclosure issue was addressed with
improved state management.
CVE-2020-27946: Mateusz Jurczyk of Google Project Zero

FontParser
Available for: Apple TV 4K and Apple TV HD
Impact: Processing a maliciously crafted font file may lead to
arbitrary code execution
Description: A memory corruption issue existed in the processing of
font files. This issue was addressed with improved input validation.
CVE-2020-27943: Mateusz Jurczyk of Google Project Zero
CVE-2020-27944: Mateusz Jurczyk of Google Project Zero

ImageIO
Available for: Apple TV 4K and Apple TV HD
Impact: Processing a maliciously crafted image may lead to heap
corruption
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2020-29617: XingWei Lin of Ant Security Light-Year Lab
CVE-2020-29619: XingWei Lin of Ant Security Light-Year Lab

ImageIO
Available for: Apple TV 4K and Apple TV HD
Impact: Processing a maliciously crafted image may lead to arbitrary
code execution
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2020-29618: XingWei Lin of Ant Security Light-Year Lab

ImageIO
Available for: Apple TV 4K and Apple TV HD
Impact: Processing a maliciously crafted image may lead to arbitrary
code execution
Description: An out-of-bounds write issue was addressed with improved
bounds checking.
CVE-2020-29611: Ivan Fratric of Google Project Zero

WebRTC
Available for: Apple TV 4K and Apple TV HD
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A use after free issue was addressed with improved
memory management.
CVE-2020-15969: an anonymous researcher

Installation note:

Apple TV will periodically check for software updates. Alternatively,
you may manually check for software updates by selecting
"Settings -> System -> Software Update -> Update Software."

To check the current version of software, select
"Settings -> General -> About."

This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEbURczHs1TP07VIfuZcsbuWJ6jjAFAl/YBnkACgkQZcsbuWJ6
jjAdUA/+IW1Va0vmKcDFand0B8Y1lkRDdThXQ/lQmLJCPNJ1hQLQZSLUzpYvjyLi
UAepoh/ToYtt9YivitmjfNHxjLvYw/xRV13cpsVMcCvQhhS1N5s4aJEL6f+0LEhv
6U0JvjGoa6/By4sQksdPZnipoNRzEJ3KWRJrFkLnGwvH+uT6KbuzjXqfHwkHJfV2
XgghEJzvoLT1cbXp6XNO/YOV++eeDBkW0L80YukQ2RPDHi3N99Aue9ADe+pbQJH1
eJBWdZV99zjHZrStXKBQ7CF5i9hJnludrMo0V+RgMXRhLrfW5dm6Ww3kLm4okj+D
spAJy8WepCRFwth9+yFcmdxyv2aZJ0MvxuFAIL6Sv9E0FvMW8fPbRHcsJDDTAt4f
mKUPwUex183P7li3SYEK/I1ItcMh039wlulkiP5xw/6JGDIDh7ryOaTPCvnz+MIx
OzcgtdNFLcTA2BDEQwITEp+fpuqAlXw3ykbq5yYZz3AJXxKLVXVLeuB1oEkHJmRi
4EUXb7Lb5TEoMj1dbCmmr6q3eWGCPj5CJcTFJMTNWx8aW4u889mi7FqCnXasAc3M
jg5eSRy+97+tOsdgUYFoMekJqF8jJbljDH1NDmEbMtVc+F7jT4khXN9fRLvqN6An
P4web66vaHKZbUnMDtXHjMSkfniHUT39JKm7CJPNC/vf2HF9HQM=
=4OzT
-----END PGP SIGNATURE-----

_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/
[prev in list] [next in list] [prev in thread] [next in thread]