exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

Apple Security Advisory 2023-03-27-4

Apple Security Advisory 2023-03-27-4
Posted Mar 28, 2023
Authored by Apple | Site apple.com

Apple Security Advisory 2023-03-27-4 - macOS Monterey 12.6.4 addresses bypass, code execution, integer overflow, out of bounds read, out of bounds write, and use-after-free vulnerabilities.

tags | advisory, overflow, vulnerability, code execution
systems | apple
advisories | CVE-2023-0433, CVE-2023-0512, CVE-2023-23514, CVE-2023-23527, CVE-2023-23533, CVE-2023-23538, CVE-2023-23540, CVE-2023-23542, CVE-2023-27933, CVE-2023-27935, CVE-2023-27936, CVE-2023-27937, CVE-2023-27942, CVE-2023-27944
SHA-256 | 739ebbc2aa08de0dd5a0e2a5bb4889f44cdd6fdabb272260bc18eca98e3250b8

Apple Security Advisory 2023-03-27-4

Change Mirror Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

APPLE-SA-2023-03-27-4 macOS Monterey 12.6.4

macOS Monterey 12.6.4 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT213677.

Apple Neural Engine
Available for: macOS Monterey
Impact: An app may be able to execute arbitrary code with kernel
privileges
Description: The issue was addressed with improved memory handling.
CVE-2023-23540: Mohamed GHANNAM (@_simo36)

AppleMobileFileIntegrity
Available for: macOS Monterey
Impact: A user may gain access to protected parts of the file system
Description: The issue was addressed with improved checks.
CVE-2023-23527: Mickey Jin (@patch1t)

Archive Utility
Available for: macOS Monterey
Impact: An archive may be able to bypass Gatekeeper
Description: The issue was addressed with improved checks.
CVE-2023-27951: Brandon Dalton of Red Canary and Csaba Fitzl
(@theevilbit) of Offensive Security

Calendar
Available for: macOS Monterey
Impact: Importing a maliciously crafted calendar invitation may
exfiltrate user information
Description: Multiple validation issues were addressed with improved
input sanitization.
CVE-2023-27961: Rıza Sabuncu (@rizasabuncu)

ColorSync
Available for: macOS Monterey
Impact: An app may be able to read arbitrary files
Description: The issue was addressed with improved checks.
CVE-2023-27955: JeongOhKyea

CommCenter
Available for: macOS Monterey
Impact: An app may be able to cause unexpected system termination or
write kernel memory
Description: An out-of-bounds write issue was addressed with improved
input validation.
CVE-2023-27936: Tingting Yin of Tsinghua University

dcerpc
Available for: macOS Monterey
Impact: A remote user may be able to cause unexpected app termination
or arbitrary code execution
Description: The issue was addressed with improved bounds checks.
CVE-2023-27935: Aleksandar Nikolic of Cisco Talos

dcerpc
Available for: macOS Monterey
Impact: A remote user may be able to cause unexpected system
termination or corrupt kernel memory
Description: The issue was addressed with improved memory handling.
CVE-2023-27953: Aleksandar Nikolic of Cisco Talos
CVE-2023-27958: Aleksandar Nikolic of Cisco Talos

Foundation
Available for: macOS Monterey
Impact: Parsing a maliciously crafted plist may lead to an unexpected
app termination or arbitrary code execution
Description: An integer overflow was addressed with improved input
validation.
CVE-2023-27937: an anonymous researcher

ImageIO
Available for: macOS Monterey
Impact: Processing a maliciously crafted file may lead to unexpected
app termination or arbitrary code execution
Description: An out-of-bounds read was addressed with improved bounds
checking.
CVE-2023-27946: Mickey Jin (@patch1t)

Kernel
Available for: macOS Monterey
Impact: An app may be able to execute arbitrary code with kernel
privileges
Description: A use after free issue was addressed with improved
memory management.
CVE-2023-23514: Xinru Chi of Pangu Lab and Ned Williamson of Google
Project Zero

Kernel
Available for: macOS Monterey
Impact: An app with root privileges may be able to execute arbitrary
code with kernel privileges
Description: The issue was addressed with improved memory handling.
CVE-2023-27933: sqrtpwn

Kernel
Available for: macOS Monterey
Impact: An app may be able to disclose kernel memory
Description: A validation issue was addressed with improved input
sanitization.
CVE-2023-28200: Arsenii Kostromin (0x3c3e)

Model I/O
Available for: macOS Monterey
Impact: Processing a maliciously crafted file may lead to unexpected
app termination or arbitrary code execution
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2023-27949: Mickey Jin (@patch1t)

NetworkExtension
Available for: macOS Monterey
Impact: A user in a privileged network position may be able to spoof
a VPN server that is configured with EAP-only authentication on a
device
Description: The issue was addressed with improved authentication.
CVE-2023-28182: Zhuowei Zhang

PackageKit
Available for: macOS Monterey
Impact: An app may be able to modify protected parts of the file
system
Description: A logic issue was addressed with improved checks.
CVE-2023-23538: Mickey Jin (@patch1t)
CVE-2023-27962: Mickey Jin (@patch1t)

Podcasts
Available for: macOS Monterey
Impact: An app may be able to access user-sensitive data
Description: The issue was addressed with improved checks.
CVE-2023-27942: Mickey Jin (@patch1t)

Sandbox
Available for: macOS Monterey
Impact: An app may be able to modify protected parts of the file
system
Description: A logic issue was addressed with improved checks.
CVE-2023-23533: Mickey Jin (@patch1t), Koh M. Nakagawa of FFRI
Security, Inc., and Csaba Fitzl (@theevilbit) of Offensive Security

Sandbox
Available for: macOS Monterey
Impact: An app may be able to bypass Privacy preferences
Description: A logic issue was addressed with improved validation.
CVE-2023-28178: Yiğit Can YILMAZ (@yilmazcanyigit)

Shortcuts
Available for: macOS Monterey
Impact: A shortcut may be able to use sensitive data with certain
actions without prompting the user
Description: The issue was addressed with additional permissions
checks.
CVE-2023-27963: Jubaer Alnazi Jabin of TRS Group Of Companies and
Wenchao Li and Xiaolong Bai of Alibaba Group

System Settings
Available for: macOS Monterey
Impact: An app may be able to access user-sensitive data
Description: A privacy issue was addressed with improved private data
redaction for log entries.
CVE-2023-23542: an anonymous researcher

System Settings
Available for: macOS Monterey
Impact: An app may be able to read sensitive location information
Description: A permissions issue was addressed with improved
validation.
CVE-2023-28192: Guilherme Rambo of Best Buddy Apps (rambo.codes)

Vim
Available for: macOS Monterey
Impact: Multiple issues in Vim
Description: Multiple issues were addressed by updating to Vim
version 9.0.1191.
CVE-2023-0433
CVE-2023-0512

XPC
Available for: macOS Monterey
Impact: An app may be able to break out of its sandbox
Description: This issue was addressed with a new entitlement.
CVE-2023-27944: Mickey Jin (@patch1t)

Additional recognition

Activation Lock
We would like to acknowledge Christian Mina for their assistance.

AppleMobileFileIntegrity
We would like to acknowledge Wojciech Reguła (@_r3ggi) of SecuRing
(wojciechregula.blog) for their assistance.

CoreServices
We would like to acknowledge Mickey Jin (@patch1t) for their
assistance.

NSOpenPanel
We would like to acknowledge Alexandre Colucci (@timacfr) for their
assistance.

Wi-Fi
We would like to acknowledge an anonymous researcher for their
assistance.

macOS Monterey 12.6.4 may be obtained from the Mac App Store or
Apple's Software Downloads web site:
https://support.apple.com/downloads/
All information is also posted on the Apple Security Updates
web site: https://support.apple.com/en-us/HT201222.

This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEBP+4DupqR5Sgt1DB4RjMIDkeNxkFAmQiHnwACgkQ4RjMIDke
Nxn7kg/9FdItHdT/4pNdkvgRRdAppZbLHwvTICqQL5NW9r2at6bsEVI4euNmz6Nc
tZev1qAgiHKohwtblwLmt5x7T6j4GJ/JlR/6owBhu2K3Zd+dMfFyz3Azgb9o/3JM
SDLhOGilCQxrg/MBMvT1GVOhDbGZpj8CdVj5zux0cEOW070fsVAeU8U8eUsa9Oer
Ihoys5FSfQ9Wvl8jtTuAQE2kuoh/vwnThpT1XEp95fW4u98GkTyoZDk01/aVuNDN
nuqnJVAi12V3pWeT19wWk2osILE7cdLFWi3d5qK7YHUhy/YsVRMwwPUVPPSYq3bF
RIZmBCHNO1TJniM/0Ji6FyPwQpt0v0kabxZnYLy/0pilRsMlJNPhcTm6CTCCKp/M
YBhiJMIZcxr6qjzb4yq+VO1bSS0bjFZYJBM71fb0MBdnl2ogLYRh8c+WvDA/Avmq
fjXxpAH/wXkO1J+ccJl+5ESIP6eEc+jm8ra5oiZETDRO3UhPtcHWPSJcKKzIyv9U
ZP+4jYDmDeNAzpS6b/sI+1DD86ozxv2WdFGo1k7P0o8AFb4XnY4GoZYy7cOAm5EA
FUyJokGkgByuvu9XhbEzSM/K24dQziWTj2eNMXXl/FV5/1A629ZcCAXKwzO+0dYF
tthhKi6q7oFAIBB5FiapaJNQsazipx+XGFKQUNDZAmuG4GsIiFg=
=GR5+
-----END PGP SIGNATURE-----


Login or Register to add favorites

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close