exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

Apple Security Advisory 2020-07-15-3

Apple Security Advisory 2020-07-15-3
Posted Jul 17, 2020
Authored by Apple | Site apple.com

Apple Security Advisory 2020-07-15-3 - tvOS 13.4.8 is now available and addresses bypass, code execution, cross site scripting, out of bounds read, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, vulnerability, code execution, xss
systems | apple
advisories | CVE-2019-14899, CVE-2020-9862, CVE-2020-9865, CVE-2020-9888, CVE-2020-9889, CVE-2020-9890, CVE-2020-9891, CVE-2020-9893, CVE-2020-9894, CVE-2020-9895, CVE-2020-9907, CVE-2020-9909, CVE-2020-9910, CVE-2020-9914, CVE-2020-9915, CVE-2020-9916, CVE-2020-9918, CVE-2020-9925, CVE-2020-9933, CVE-2020-9936
SHA-256 | 5acc44b7c3608b4487fb2303f0083a567bcdde5f825774c8c6b7d087e636eea6

Apple Security Advisory 2020-07-15-3

Change Mirror Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

APPLE-SA-2020-07-15-3 tvOS 13.4.8

tvOS 13.4.8 is now available and addresses the following:

Audio
Available for: Apple TV 4K and Apple TV HD
Impact: Processing a maliciously crafted audio file may lead to
arbitrary code execution
Description: An out-of-bounds write issue was addressed with improved
bounds checking.
CVE-2020-9889: JunDong Xie and XingWei Li of Ant-financial Light-Year
Security Lab

Audio
Available for: Apple TV 4K and Apple TV HD
Impact: Processing a maliciously crafted audio file may lead to
arbitrary code execution
Description: An out-of-bounds read was addressed with improved bounds
checking.
CVE-2020-9888: JunDong Xie and XingWei Li of Ant-financial Light-Year
Security Lab
CVE-2020-9890: JunDong Xie and XingWei Li of Ant-financial Light-Year
Security Lab
CVE-2020-9891: JunDong Xie and XingWei Li of Ant-financial Light-Year
Security Lab

AVEVideoEncoder
Available for: Apple TV 4K and Apple TV HD
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed by removing the
vulnerable code.
CVE-2020-9907: an anonymous researcher

Crash Reporter
Available for: Apple TV 4K and Apple TV HD
Impact: A malicious application may be able to break out of its
sandbox
Description: A memory corruption issue was addressed by removing the
vulnerable code.
CVE-2020-9865: Zhuo Liang of Qihoo 360 Vulcan Team working with 360
BugCloud

GeoServices
Available for: Apple TV 4K and Apple TV HD
Impact: A malicious application may be able to read sensitive
location information
Description: An authorization issue was addressed with improved state
management.
CVE-2020-9933: Min (Spark) Zheng and Xiaolong Bai of Alibaba Inc.

iAP
Available for: Apple TV 4K and Apple TV HD
Impact: An attacker in a privileged network position may be able to
execute arbitrary code
Description: An input validation issue existed in Bluetooth. This
issue was addressed with improved input validation.
CVE-2020-9914: Andy Davis of NCC Group

ImageIO
Available for: Apple TV 4K and Apple TV HD
Impact: Processing a maliciously crafted image may lead to arbitrary
code execution
Description: An out-of-bounds write issue was addressed with improved
bounds checking.
CVE-2020-9936: Mickey Jin of Trend Micro

Kernel
Available for: Apple TV 4K and Apple TV HD
Impact: An attacker in a privileged network position may be able to
inject into active connections within a VPN tunnel
Description: A routing issue was addressed with improved
restrictions.
CVE-2019-14899: William J. Tolley, Beau Kujath, and Jedidiah R.
Crandall

Kernel
Available for: Apple TV 4K and Apple TV HD
Impact: An attacker that has already achieved kernel code execution
may be able to bypass kernel memory mitigations
Description: An out-of-bounds read was addressed with improved bounds
checking.
CVE-2020-9909: Brandon Azad of Google Project Zero

WebKit
Available for: Apple TV 4K and Apple TV HD
Impact: A remote attacker may be able to cause unexpected application
termination or arbitrary code execution
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2020-9894: 0011 working with Trend Micro Zero Day Initiative

WebKit
Available for: Apple TV 4K and Apple TV HD
Impact: Processing maliciously crafted web content may prevent
Content Security Policy from being enforced
Description: An access issue existed in Content Security Policy.
This issue was addressed with improved access restrictions.
CVE-2020-9915: an anonymous researcher

WebKit
Available for: Apple TV 4K and Apple TV HD
Impact: Processing maliciously crafted web content may lead to
universal cross site scripting
Description: A logic issue was addressed with improved state
management.
CVE-2020-9925: an anonymous researcher

WebKit
Available for: Apple TV 4K and Apple TV HD
Impact: A remote attacker may be able to cause unexpected application
termination or arbitrary code execution
Description: A use after free issue was addressed with improved
memory management.
CVE-2020-9893: 0011 working with Trend Micro Zero Day Initiative
CVE-2020-9895: Wen Xu of SSLab, Georgia Tech

WebKit
Available for: Apple TV 4K and Apple TV HD
Impact: A malicious attacker with arbitrary read and write capability
may be able to bypass Pointer Authentication
Description: Multiple issues were addressed with improved logic.
CVE-2020-9910: Samuel GroƟ of Google Project Zero

WebKit Page Loading
Available for: Apple TV 4K and Apple TV HD
Impact: A malicious attacker may be able to conceal the destination
of a URL
Description: A URL Unicode encoding issue was addressed with improved
state management.
CVE-2020-9916: Rakesh Mane (@RakeshMane10)

WebKit Web Inspector
Available for: Apple TV 4K and Apple TV HD
Impact: Copying a URL from Web Inspector may lead to command
injection
Description: A command injection issue existed in Web Inspector. This
issue was addressed with improved escaping.
CVE-2020-9862: Ophir Lojkine (@lovasoa)

Wi-Fi
Available for: Apple TV 4K and Apple TV HD
Impact: A remote attacker may be able to cause unexpected system
termination or corrupt kernel memory
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2020-9918: Jianjun Dai of 360 Alpha Lab working with 360 BugCloud
(bugcloud.360.cn)

Additional recognition

Kernel
We would like to acknowledge Brandon Azad of Google Project Zero for
their assistance.

Installation note:

Apple TV will periodically check for software updates. Alternatively,
you may manually check for software updates by selecting
"Settings -> System -> Software Update -> Update Software."

To check the current version of software, select
"Settings -> General -> About."
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEM5FaaFRjww9EJgvRBz4uGe3y0M0FAl8PhQUACgkQBz4uGe3y
0M33Vw//fmvay18+s9sn8Gv2VfSgT2VcmDHMNTch9QoYbm7spSflAc8zWdToUOpK
fiJAVEHB+adcGy3syi4z+utNf3l1XchVMuaxLKzDyS7LDiDIwczivrr642A+ahlk
vrHXcdwQkf0Y3QdQF9DwcOfzyNvaRRJ2eICKlrjm4BrcoP63eoBTGKgcZp6EAOQu
c0X5M2F2GcV4VwSmSuzKtsNlkjWlaD55meVWjGZGGUp4d0tk0BtmAWISAXf2NfFF
WQyKQ9snXMzzF4SRA3cbWqFFluKDYyPx7Lh2jLB+KcrTRCtuMi+cAu3QQezRwIUD
LnKzLbAbOO8Mu67aLjoBdW0IdCHbGpdK6I/aGi0eV029+tBdcn5UOfPIhGT9WDkQ
tlDr5RCqWvc02F6e5SetIGRY1YGV6DWqo0U1h6cBdVgnx5g3aIZzXihATMV+4bxj
Vijf8iDG5LsO4Bx8g1aekrn37OQnr7WuFHLZrHKZyQejn6IdOQ2fyzH43/0mLiE3
eaoGwghlFXhOpbUx26owjEkDuC5GgboctjefqtJ9Zu7yfSS2GDAq23Qp9IXy/Avf
cIIB0bnz9Mk+2qrZ2GDZXBePacLoVSNvaBywyrs6MMANrsi3Ioq3xug8b8WnTozL
lMrdAVr64+qTn0YTc6QwNs9golbRQh3z2U6Hk/niQXlWZilaK/s=
=+zqK
-----END PGP SIGNATURE-----


Login or Register to add favorites

File Archive:

September 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    2 Files
  • 2
    Sep 2nd
    21 Files
  • 3
    Sep 3rd
    0 Files
  • 4
    Sep 4th
    17 Files
  • 5
    Sep 5th
    34 Files
  • 6
    Sep 6th
    29 Files
  • 7
    Sep 7th
    11 Files
  • 8
    Sep 8th
    25 Files
  • 9
    Sep 9th
    0 Files
  • 10
    Sep 10th
    0 Files
  • 11
    Sep 11th
    26 Files
  • 12
    Sep 12th
    23 Files
  • 13
    Sep 13th
    17 Files
  • 14
    Sep 14th
    22 Files
  • 15
    Sep 15th
    16 Files
  • 16
    Sep 16th
    0 Files
  • 17
    Sep 17th
    0 Files
  • 18
    Sep 18th
    19 Files
  • 19
    Sep 19th
    60 Files
  • 20
    Sep 20th
    23 Files
  • 21
    Sep 21st
    15 Files
  • 22
    Sep 22nd
    8 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    17 Files
  • 26
    Sep 26th
    3 Files
  • 27
    Sep 27th
    13 Files
  • 28
    Sep 28th
    5 Files
  • 29
    Sep 29th
    12 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close