exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

Apple Security Advisory 2021-10-26-11

Apple Security Advisory 2021-10-26-11
Posted Oct 28, 2021
Authored by Apple | Site apple.com

Apple Security Advisory 2021-10-26-11 - tvOS 15 addresses bypass, code execution, denial of service, out of bounds read, and use-after-free vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution
systems | apple
advisories | CVE-2013-0340, CVE-2021-30808, CVE-2021-30809, CVE-2021-30810, CVE-2021-30814, CVE-2021-30818, CVE-2021-30823, CVE-2021-30831, CVE-2021-30834, CVE-2021-30835, CVE-2021-30836, CVE-2021-30837, CVE-2021-30840, CVE-2021-30841, CVE-2021-30842, CVE-2021-30843, CVE-2021-30846, CVE-2021-30847, CVE-2021-30849, CVE-2021-30850, CVE-2021-30851, CVE-2021-30852, CVE-2021-30854, CVE-2021-30857, CVE-2021-30866, CVE-2021-30884
SHA-256 | ebc2c5586dda25fcb5f1755935d9df8d22fe96d473608b04490304ef6ab1c4c2

Apple Security Advisory 2021-10-26-11

Change Mirror Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

APPLE-SA-2021-10-26-11 Additional information for
APPLE-SA-2021-09-20-3 tvOS 15

tvOS 15 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT212815.

Accessory Manager
Available for: Apple TV 4K and Apple TV HD
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory consumption issue was addressed with improved
memory handling.
CVE-2021-30837: an anonymous researcher

bootp
Available for: Apple TV 4K and Apple TV HD
Impact: A device may be passively tracked by its WiFi MAC address
Description: A user privacy issue was addressed by removing the
broadcast MAC address.
CVE-2021-30866: Fabien Duchêne of UCLouvain (Belgium)
Entry added October 25, 2021

CoreAudio
Available for: Apple TV 4K and Apple TV HD
Impact: Processing a malicious audio file may result in unexpected
application termination or arbitrary code execution
Description: A logic issue was addressed with improved state
management.
CVE-2021-30834: JunDong Xie of Ant Security Light-Year Lab
Entry added October 25, 2021

FontParser
Available for: Apple TV 4K and Apple TV HD
Impact: Processing a maliciously crafted font may result in the
disclosure of process memory
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2021-30831: Xingwei Lin of Ant Security Light-Year Lab
Entry added October 25, 2021

FontParser
Available for: Apple TV 4K and Apple TV HD
Impact: Processing a maliciously crafted dfont file may lead to
arbitrary code execution
Description: This issue was addressed with improved checks.
CVE-2021-30840: Xingwei Lin of Ant Security Light-Year Lab
Entry added October 25, 2021

FontParser
Available for: Apple TV 4K and Apple TV HD
Impact: Processing a maliciously crafted dfont file may lead to
arbitrary code execution
Description: This issue was addressed with improved checks.
CVE-2021-30841: Xingwei Lin of Ant Security Light-Year Lab
CVE-2021-30842: Xingwei Lin of Ant Security Light-Year Lab
CVE-2021-30843: Xingwei Lin of Ant Security Light-Year Lab

Foundation
Available for: Apple TV 4K and Apple TV HD
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A type confusion issue was addressed with improved
memory handling.
CVE-2021-30852: Yinyi Wu (@3ndy1) of Ant Security Light-Year Lab
Entry added October 25, 2021

ImageIO
Available for: Apple TV 4K and Apple TV HD
Impact: Processing a maliciously crafted image may lead to arbitrary
code execution
Description: A memory corruption issue was addressed with improved
input validation.
CVE-2021-30814: hjy79425575
Entry added October 25, 2021

ImageIO
Available for: Apple TV 4K and Apple TV HD
Impact: Processing a maliciously crafted image may lead to arbitrary
code execution
Description: This issue was addressed with improved checks.
CVE-2021-30835: Ye Zhang of Baidu Security
CVE-2021-30847: Mike Zhang of Pangu Lab

Kernel
Available for: Apple TV 4K and Apple TV HD
Impact: A malicious application may be able to execute arbitrary code
with kernel privileges
Description: A race condition was addressed with improved locking.
CVE-2021-30857: Zweig of Kunlun Lab

libexpat
Available for: Apple TV 4K and Apple TV HD
Impact: A remote attacker may be able to cause a denial of service
Description: This issue was addressed by updating expat to version
2.4.1.
CVE-2013-0340: an anonymous researcher

Preferences
Available for: Apple TV 4K and Apple TV HD
Impact: A sandboxed process may be able to circumvent sandbox
restrictions
Description: A logic issue was addressed with improved state
management.
CVE-2021-30854: Zhipeng Huo (@R3dF09) and Yuebin Sun (@yuebinsun2020)
of Tencent Security Xuanwu Lab (xlab.tencent.com)

Sandbox
Available for: Apple TV 4K and Apple TV HD
Impact: A user may gain access to protected parts of the file system
Description: An access issue was addressed with improved access
restrictions.
CVE-2021-30850: an anonymous researcher

Sandbox
Available for: Apple TV 4K and Apple TV HD
Impact: A malicious application may be able to modify protected parts
of the file system
Description: This issue was addressed with improved checks.
CVE-2021-30808: Csaba Fitzl (@theevilbit) of Offensive Security
Entry added October 25, 2021

WebKit
Available for: Apple TV 4K and Apple TV
Impact: Visiting a maliciously crafted website may reveal a user's
browsing history
Description: The issue was resolved with additional restrictions on
CSS compositing.
CVE-2021-30884: an anonymous researcher
Entry added October 25, 2021

WebKit
Available for: Apple TV 4K and Apple TV HD
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A type confusion issue was addressed with improved state
handling.
CVE-2021-30818: Amar Menezes (@amarekano) of Zon8Research
Entry added October 25, 2021

WebKit
Available for: Apple TV 4K and Apple TV HD
Impact: An attacker in a privileged network position may be able to
bypass HSTS
Description: A logic issue was addressed with improved restrictions.
CVE-2021-30823: David Gullasch of Recurity Labs
Entry added October 25, 2021

WebKit
Available for: Apple TV 4K and Apple TV HD
Impact: Processing a maliciously crafted audio file may disclose
restricted memory
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2021-30836: Peter Nguyen Vu Hoang of STAR Labs
Entry added October 25, 2021

WebKit
Available for: Apple TV 4K and Apple TV HD
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A use after free issue was addressed with improved
memory management.
CVE-2021-30809: an anonymous researcher
Entry added October 25, 2021

WebKit
Available for: Apple TV 4K and Apple TV HD
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2021-30846: Sergei Glazunov of Google Project Zero

WebKit
Available for: Apple TV 4K and Apple TV HD
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed with
improved memory handling.
CVE-2021-30849: Sergei Glazunov of Google Project Zero

WebKit
Available for: Apple TV 4K and Apple TV HD
Impact: Processing maliciously crafted web content may lead to code
execution
Description: A memory corruption vulnerability was addressed with
improved locking.
CVE-2021-30851: Samuel Groß of Google Project Zero

Wi-Fi
Available for: Apple TV 4K and Apple TV HD
Impact: An attacker in physical proximity may be able to force a user
onto a malicious Wi-Fi network during device setup
Description: An authorization issue was addressed with improved state
management.
CVE-2021-30810: an anonymous researcher

Additional recognition

Assets
We would like to acknowledge Cees Elzinga for their assistance.

UIKit
We would like to acknowledge an anonymous researcher for their
assistance.

Installation note:

Apple TV will periodically check for software updates. Alternatively,
you may manually check for software updates by selecting
"Settings -> System -> Software Update -> Update Software."

To check the current version of software, select
"Settings -> General -> About."

Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222

This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEePiLW1MrMjw19XzoeC9qKD1prhgFAmF4h08ACgkQeC9qKD1p
rhhEthAAx/FURX2eeBUEs8f9b3gtic+n9doFTW1YozaTNM+/iDRtvk+Bo3UfLxsj
hoSw+V4o4S9dDPAspKBDcAiW926pBAdJjdYHyeQnsLzlNQqTN/p5ITglsim9LU7Q
rapY+JqaScfqgAwrlu7Y0kkII9rjOkOFK5wmZDkPSo8zbZftX9WRid6WmCwuf5E0
ljZhM3SRDobLoHI9691eAR1Nfl0NroQh51BTaYNzF/i64wYZdjZd2uwcs+U+GCUn
pyXtYF42Z7NAymlrdC5u9jQALKDevpubluzsyTB8AZDOBAnOgMZsjHalHX9CBAYO
N1S6J/FHE07rH8aWaDPUaU12ky/dl/5Zn+jycDG4SiTfK1HkL6FUvp+q9NnzM3jv
6Nm2doEaH+NRh/JW8wYaB1xmQK2gjHLHS2HPOV+1sW3rhkqqPbrl1e6doYL3ogfk
AdwYFLJ3aEvufybukEUEktiVk9tLl56HTwZ+yMHC0fThzfssNWzp78Fny7MTTean
TBKaqW3K7Ma5oAmy61srVlfQln7mhzqxZQh3URUADL21DqmTY4+khjTrxawUeGkh
dwfJ7ee8+u5CXUcdtjhdnT+qnenEO2jA7ehzEuQ7FLuIIlfQGXJsHPWSFQBauaye
msR+WcYRqGbpnBJBvkknqSjRLqUx1cBsFFBTdhVpYilkjbmWa0U=
=1hbX
-----END PGP SIGNATURE-----


Login or Register to add favorites

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    0 Files
  • 7
    Nov 7th
    0 Files
  • 8
    Nov 8th
    0 Files
  • 9
    Nov 9th
    0 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    0 Files
  • 12
    Nov 12th
    0 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close