'[FD] APPLE-SA-2022-01-26-5 tvOS 15.3'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       full-disclosure
Subject:    [FD] APPLE-SA-2022-01-26-5 tvOS 15.3
From:       Apple Product Security via Fulldisclosure <fulldisclosure () seclists ! org>
Date:       2022-01-27 0:00:31
Message-ID: 86C8672D-96C0-478B-AE80-A679004B9278 () lists ! apple ! com
[Download RAW message or body]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

APPLE-SA-2022-01-26-5 tvOS 15.3

tvOS 15.3 addresses the following issues. 
Information about the security content is also available at
https://support.apple.com/HT213057.

ColorSync
Available for: Apple TV 4K and Apple TV HD
Impact: Processing a maliciously crafted file may lead to arbitrary
code execution
Description: A memory corruption issue was addressed with improved
validation.
CVE-2022-22584: Mickey Jin (@patch1t) of Trend Micro

Crash Reporter
Available for: Apple TV 4K and Apple TV HD
Impact: A malicious application may be able to gain root privileges
Description: A logic issue was addressed with improved validation.
CVE-2022-22578: an anonymous researcher

iCloud
Available for: Apple TV 4K and Apple TV HD
Impact: An application may be able to access a user's files
Description: An issue existed within the path validation logic for
symlinks. This issue was addressed with improved path sanitization.
CVE-2022-22585: Zhipeng Huo (@R3dF09) of Tencent Security Xuanwu Lab
(https://xlab.tencent.com)

Kernel
Available for: Apple TV 4K and Apple TV HD
Impact: A malicious application may be able to execute arbitrary code
with kernel privileges
Description: A buffer overflow issue was addressed with improved
memory handling.
CVE-2022-22593: Peter Nguyá»…n VÅ© HoÃ ng of STAR Labs

Model I/O
Available for: Apple TV 4K and Apple TV HD
Impact: Processing a maliciously crafted STL file may lead to
unexpected application termination or arbitrary code execution
Description: An information disclosure issue was addressed with
improved state management.
CVE-2022-22579: Mickey Jin (@patch1t) of Trend Micro

WebKit
Available for: Apple TV 4K and Apple TV HD
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A use after free issue was addressed with improved
memory management.
CVE-2022-22590: Toan Pham from Team Orca of Sea Security
(security.sea.com)

WebKit
Available for: Apple TV 4K and Apple TV HD
Impact: Processing maliciously crafted web content may prevent
Content Security Policy from being enforced
Description: A logic issue was addressed with improved state
management.
CVE-2022-22592: Prakash (@1lastBr3ath)

WebKit
Available for: Apple TV 4K and Apple TV HD
Impact: Processing a maliciously crafted mail message may lead to
running arbitrary javascript
Description: A validation issue was addressed with improved input
sanitization.
CVE-2022-22589: Heige of KnownSec 404 Team (knownsec.com) and Bo Qu
of Palo Alto Networks (paloaltonetworks.com)

WebKit Storage
Available for: Apple TV 4K and Apple TV HD
Impact: A website may be able to track sensitive user information
Description: A cross-origin issue in the IndexDB API was addressed
with improved input validation.
CVE-2022-22594: Martin Bajanik of FingerprintJS

Additional recognition

WebKit
We would like to acknowledge Prakash (@1lastBr3ath) for their
assistance.

Installation note:

Apple TV will periodically check for software updates. Alternatively,
you may manually check for software updates by selecting
"Settings -> System -> Software Update -> Update Software."

To check the current version of software, select
"Settings -> General -> About."

Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222

This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEePiLW1MrMjw19XzoeC9qKD1prhgFAmHx1BsACgkQeC9qKD1p
rhhAGg//Uv8GqVrrn9+EvH/YH2FMdQ8mzNKhYfbZu9g4uR7kZpvKZjY/YWoM6/cR
JImeE5vOwKlLW/5iTPWAFq2uQkS7aE9v6Z4kQ7l9atUoYc5d9ad8tGABGyFOHcl0
qJdnB+4m8AWZA4FRpN0PE2xawFcvoO4gysMQBMBjeeDJl7YnfqgbmFicNB/LB3WF
nHRJO7+V4EvpQhW4RChPalaM8VKHoypL6yFAOtCoodMwXyTSbAoRJkUJN83DJWFS
EP4qOCkJx06KfCNO9Q8dPSapzUms/YHheGzVcDGhCQiguJR1L5xjXdTEg8iwvJpj
Wbv5TP2kP8NGTzefR0vyuKKqPSeN+FgVZBI9OcVEvZq/i72NbYoyTcApBkbKh4WG
OSQ+AoZ81gKBcsdFmJOiyAl2T22u5OxRfwoa9wHlJklMxkYnFacBkGQ2Ihf6Kwrk
Ueq62ym7RIppszZHc35tDLjb+65ZIBgNLsEJxnQ8xnZNY++hEaUCGiPZP1K3zQLj
2x4BGjC+RzFzbyJg4I+uqktvJCo7PSWU9KP1/caL3G9jWc3tPOTXKv7L/bpuIGpP
XBq/V93jHDrdYmzQfZi0xfk1SA6VfofYT+5/etjPVvqX+o7pDeB/132cT91/eEC5
qy3aXGQnB1U21mD5YDCUrJf8Ee63vYXs3grzw0AdDxfaYEn4Ebg=
=hA3E
-----END PGP SIGNATURE-----

_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/
[prev in list] [next in list] [prev in thread] [next in thread] 