Apple Security Advisory 2023-03-27-2
Posted Mar 28, 2023
Authored by Apple | Site apple.com

Apple Security Advisory 2023-03-27-2 - iOS 15.7.4 and iPadOS 15.7.4 address code execution, out-of-bounds read, out-of-bounds write, and use-after-free vulnerabilities.

tags | advisory, vulnerability, code execution
systems | apple, ios
advisories | CVE-2023-23529, CVE-2023-23535, CVE-2023-23537, CVE-2023-23541, CVE-2023-23543, CVE-2023-27928, CVE-2023-27936, CVE-2023-27941, CVE-2023-27946, CVE-2023-27949, CVE-2023-27954, CVE-2023-27956, CVE-2023-27961, CVE-2023-27963
SHA-256 | 727ce864b571911a1db87fd1c22cd9afa9aa45d6cc5ac3fb120d696344962c24

APPLE-SA-2023-03-27-2 iOS 15.7.4 and iPadOS 15.7.4

iOS 15.7.4 and iPadOS 15.7.4 address the following issues.
Information about the security content is also available at
https://support.apple.com/HT213673.

Accessibility
Available for: iPhone 6s (all models), iPhone 7 (all models), iPhone
SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod
touch (7th generation)
Impact: An app may be able to access information about a user’s
contacts
Description: A privacy issue was addressed with improved private data
redaction for log entries.
CVE-2023-23541: Csaba Fitzl (@theevilbit) of Offensive Security

Calendar
Available for: iPhone 6s (all models), iPhone 7 (all models), iPhone
SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod
touch (7th generation)
Impact: Importing a maliciously crafted calendar invitation may
exfiltrate user information
Description: Multiple validation issues were addressed with improved
input sanitization.
CVE-2023-27961: Rıza Sabuncu (@rizasabuncu)

Camera
Available for: iPhone 6s (all models), iPhone 7 (all models), iPhone
SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod
touch (7th generation)
Impact: A sandboxed app may be able to determine which app is
currently using the camera
Description: The issue was addressed with additional restrictions on
the observability of app states.
CVE-2023-23543: Yiğit Can YILMAZ (@yilmazcanyigit)

CommCenter
Available for: iPhone 6s (all models), iPhone 7 (all models), iPhone
SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod
touch (7th generation)
Impact: An app may be able to cause unexpected system termination or
write kernel memory
Description: An out-of-bounds write issue was addressed with improved
input validation.
CVE-2023-27936: Tingting Yin of Tsinghua University

Find My
Available for: iPhone 6s (all models), iPhone 7 (all models), iPhone
SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod
touch (7th generation)
Impact: An app may be able to read sensitive location information
Description: A privacy issue was addressed with improved private data
redaction for log entries.
CVE-2023-23537: an anonymous researcher

FontParser
Available for: iPhone 6s (all models), iPhone 7 (all models), iPhone
SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod
touch (7th generation)
Impact: Processing a maliciously crafted image may result in
disclosure of process memory
Description: The issue was addressed with improved memory handling.
CVE-2023-27956: Ye Zhang of Baidu Security

Identity Services
Available for: iPhone 6s (all models), iPhone 7 (all models), iPhone
SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod
touch (7th generation)
Impact: An app may be able to access information about a user’s
contacts
Description: A privacy issue was addressed with improved private data
redaction for log entries.
CVE-2023-27928: Csaba Fitzl (@theevilbit) of Offensive Security

ImageIO
Available for: iPhone 6s (all models), iPhone 7 (all models), iPhone
SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod
touch (7th generation)
Impact: Processing a maliciously crafted file may lead to unexpected
app termination or arbitrary code execution
Description: An out-of-bounds read was addressed with improved bounds
checking.
CVE-2023-27946: Mickey Jin (@patch1t)

ImageIO
Available for: iPhone 6s (all models), iPhone 7 (all models), iPhone
SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod
touch (7th generation)
Impact: Processing a maliciously crafted image may result in
disclosure of process memory
Description: The issue was addressed with improved memory handling.
CVE-2023-23535: ryuzaki

Kernel
Available for: iPhone 6s (all models), iPhone 7 (all models), iPhone
SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod
touch (7th generation)
Impact: An app may be able to disclose kernel memory
Description: A validation issue was addressed with improved input
sanitization.
CVE-2023-27941: Arsenii Kostromin (0x3c3e)

Kernel
Available for: iPhone 6s (all models), iPhone 7 (all models), iPhone
SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod
touch (7th generation)
Impact: An app may be able to execute arbitrary code with kernel
privileges
Description: A use after free issue was addressed with improved
memory management.
CVE-2023-27969: Adam Doupé of ASU SEFCOM

Model I/O
Available for: iPhone 6s (all models), iPhone 7 (all models), iPhone
SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod
touch (7th generation)
Impact: Processing a maliciously crafted file may lead to unexpected
app termination or arbitrary code execution
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2023-27949: Mickey Jin (@patch1t)

NetworkExtension
Available for: iPhone 6s (all models), iPhone 7 (all models), iPhone
SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod
touch (7th generation)
Impact: A user in a privileged network position may be able to spoof
a VPN server that is configured with EAP-only authentication on a
device
Description: The issue was addressed with improved authentication.
CVE-2023-28182: Zhuowei Zhang

Shortcuts
Available for: iPhone 6s (all models), iPhone 7 (all models), iPhone
SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod
touch (7th generation)
Impact: A shortcut may be able to use sensitive data with certain
actions without prompting the user
Description: The issue was addressed with additional permissions
checks.
CVE-2023-27963: Jubaer Alnazi Jabin of TRS Group Of Companies, and
Wenchao Li and Xiaolong Bai of Alibaba Group

WebKit
Available for: iPhone 6s (all models), iPhone 7 (all models), iPhone
SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod
touch (7th generation)
Impact: A website may be able to track sensitive user information
Description: The issue was addressed by removing origin information.
WebKit Bugzilla: 250837
CVE-2023-27954: an anonymous researcher

WebKit
Available for: iPhone 6s (all models), iPhone 7 (all models), iPhone
SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod
touch (7th generation)
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution. Apple is aware of a report that this issue
may have been actively exploited.
Description: A type confusion issue was addressed with improved
checks.
WebKit Bugzilla: 251944
CVE-2023-23529: an anonymous researcher
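
One way to turn entries in this advisory layout into structured records for patch triage, added here as an example and not Apple's or Packet Storm's code: it assumes the layout seen above (a component line, wrapped `Impact:` / `Description:` fields, an optional `WebKit Bugzilla:` line, a `CVE-…:` credit line, one blank line between entries) and runs on a constructed two-entry excerpt.

```python
import re
# Constructed excerpt in the APPLE-SA entry layout, abbreviated from the advisory above.
SAMPLE = """\
Kernel
Available for: iPhone 6s (all models), iPhone 7 (all models)
Impact: An app may be able to execute arbitrary code with kernel
privileges
Description: A use after free issue was addressed with improved
memory management.
CVE-2023-27969: Adam Doupé of ASU SEFCOM

WebKit
Available for: iPhone 6s (all models), iPhone 7 (all models)
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution. Apple is aware of a report that this issue
may have been actively exploited.
Description: A type confusion issue was addressed with improved
checks.
WebKit Bugzilla: 251944
CVE-2023-23529: an anonymous researcher
"""

KEYS = ("Available for:", "Impact:", "Description:", "WebKit Bugzilla:")
CVE_RE = re.compile(r"^(CVE-\d{4}-\d{4,}):")

def parse_advisory(text):
    """Split APPLE-SA text into per-component dicts; wrapped lines are rejoined."""
    entries = []
    for block in re.split(r"\n\s*\n", text.strip()):
        lines = block.splitlines()
        entry, field = {"component": lines[0].strip(), "cves": []}, None
        for line in lines[1:]:
            m = CVE_RE.match(line)
            if m:  # credit line: record the CVE id, end the current field
                entry["cves"].append(m.group(1))
                field = None
            elif key := next((k for k in KEYS if line.startswith(k)), None):
                field = key[:-1].lower().replace(" ", "_")  # e.g. "webkit_bugzilla"
                entry[field] = line[len(key):].strip()
            elif field:  # continuation of a wrapped field
                entry[field] += " " + line.strip()
        entries.append(entry)
    return entries

def triage(entries):
    """Patch-priority order: known exploitation first, then kernel impact, then code execution."""
    def score(e):
        i = e.get("impact", "").lower()
        return ("actively exploited" in i) * 100 + ("kernel" in i) * 10 + ("arbitrary code" in i) * 5
    return sorted(entries, key=score, reverse=True)
```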

Additional recognition

Mail
We would like to acknowledge Fabian Ising of FH Münster University of
Applied Sciences, Damian Poddebniak of FH Münster University of
Applied Sciences, Tobias Kappert of Münster University of Applied
Sciences, Christoph Saatjohann of Münster University of Applied
Sciences, and Sebast for their assistance.

WebKit Web Inspector
We would like to acknowledge Dohyun Lee (@l33d0hyun) and crixer
(@pwning_me) of SSD Labs for their assistance.

This update is available through iTunes and Software Update on your
iOS device, and will not appear in your computer's Software Update
application, or in the Apple Downloads site. Make sure you have an
Internet connection and have installed the latest version of iTunes
from https://www.apple.com/itunes/ iTunes and Software Update on the
device will automatically check Apple's update server on its weekly
schedule. When an update is detected, it is downloaded and the option
to be installed is presented to the user when the iOS device is
docked. We recommend applying the update immediately if possible.
Selecting Don't Install will present the option the next time you
connect your iOS device. The automatic update process may take up to
a week depending on the day that iTunes or the device checks for
updates. You may manually obtain the update via the Check for Updates
button within iTunes, or the Software Update on your device. To
check that the iPhone, iPod touch, or iPad has been updated: *
Navigate to Settings * Select General * Select About. The version
after applying this update will be "iOS 15.7.4 and iPadOS 15.7.4".
All information is also posted on the Apple Security Updates
web site: https://support.apple.com/en-us/HT201222.

This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/