[prev in list] [next in list] [prev in thread] [next in thread]
List: full-disclosure
Subject: [FD] APPLE-SA-2023-06-21-7 watchOS 9.5.2
From: Apple Product Security via Fulldisclosure <fulldisclosure () seclists ! org>
Date: 2023-06-21 23:47:13
Message-ID: 48533107-1EAA-4009-B090-83C5543A0DAF () lists ! apple ! com
[Download RAW message or body]
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
APPLE-SA-2023-06-21-7 watchOS 9.5.2
watchOS 9.5.2 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/kb/HT213812.
Apple maintains a Security Updates page at
https://support.apple.com/HT201222 which lists recent
software updates with security advisories.
Kernel
Available for: Apple Watch Series 4 and later
Impact: An app may be able to execute arbitrary code with kernel
privileges. Apple is aware of a report that this issue may have been
actively exploited against versions of iOS released before iOS 15.7.
Description: An integer overflow was addressed with improved input
validation.
CVE-2023-32434: Georgy Kucherin (@kucher1n), Leonid Bezvershenko
(@bzvr_), and Boris Larin (@oct0xor) of Kaspersky
Instructions on how to update your Apple Watch software are available
at https://support.apple.com/kb/HT204641 To check the version on
your Apple Watch, open the Apple Watch app on your iPhone and select
"My Watch > General > About". Alternatively, on your watch, select
"My Watch > General > About".
All information is also posted on the Apple Security Updates
web site: https://support.apple.com/en-us/HT201222.
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEBP+4DupqR5Sgt1DB4RjMIDkeNxkFAmSTiCAACgkQ4RjMIDke
NxkBrQ/9FV9sgRku20Nd3ndpy+eAYdwsHtTVd3SVvZRc8SmjH3cdCtpVyzDQkXoR
q+kOxN5/frd64Z0KUenixOxSLi56jIDiQLW9rSNvTFrddrttMB/y0kumiVE8/eJs
xtYpqSqyyDtfGlanE77Ek0bQVYtqWxWzfatcESOm4jlL/GtfT5KINvN1Vb3WT1tl
5Fiz3XelUFQCXyLuo7tLKn7V1Ul8arFX3sShBockqiYUkQqVND6koFob0Cd7BNvE
QVVBf44nwJkHzEPgqKOxprHSZ7zn8bwOsCYpynasS1Skh+AHsn45KxZyCxWK8C49
y3nliSfkTxKTkPR096bOKBXUDFrYR/WWbPmPA3Ppz1bXSQX6OjUztyN43dfruM70
1+h9MgQnyjzCfa1psaMlf+tzb3tbpOFDBf4K3P0ZJG2rFevcqUbfHa1sZ97EWmFs
EY+bSDgUV5c0eXZj3qha3fb1z7adUN5Emt8mdJWONnbbuvsIMhgzEuSf9PTG3B6N
6uHXmlyrYYb+b4ONFQTIOO461Ktzy0X5TCZH6pUSnM+7fXlv5hdd39S5dvh1zVee
rkElzT7j9ugFcwv5EuMB8nFWbYuLlEmJTp5NbxU1Yq7xIyHHH1KbKjgSs+UO9lVf
kKhzHJjyTYIFoS7u1F0V+P02NETXYdde7jvLDH+ZPQm7DcMzYrQ=
=mxba
-----END PGP SIGNATURE-----
_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: https://seclists.org/fulldisclosure/
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic