-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2023-05-18-2 iOS 15.7.6 and iPadOS 15.7.6 iOS 15.7.6 and iPadOS 15.7.6 addresses the following issues. Information about the security content is also available at https://support.apple.com/HT213765. Apple maintains a Security Updates page at https://support.apple.com/HT201222 which lists recent software updates with security advisories. Accessibility Available for: iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation) Impact: An app may be able to bypass Privacy preferences Description: A privacy issue was addressed with improved private data redaction for log entries. CVE-2023-32388: Kirin (@Pwnrin) Apple Neural Engine Available for devices with Apple Neural Engine: iPhone 8 and later, iPad Pro (3rd generation) and later, iPad Air (3rd generation) and later, and iPad mini (5th generation) Impact: An app may be able to break out of its sandbox Description: This issue was addressed with improved checks. CVE-2023-23532: Mohamed Ghannam (@_simo36) CoreCapture Available for: iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation) Impact: An app may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved memory handling. CVE-2023-28181: Tingting Yin of Tsinghua University ImageIO Available for: iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation) Impact: Processing an image may lead to arbitrary code execution Description: A buffer overflow was addressed with improved bounds checking. CVE-2023-32384: Meysam Firouzi @R00tkitsmm working with Trend Micro Zero Day Initiative IOSurface Available for: iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation) Impact: An app may be able to leak sensitive kernel state Description: An out-of-bounds read was addressed with improved input validation. CVE-2023-32410: hou xuewei (@p1ay8y3ar) vmk msu Kernel Available for: iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation) Impact: A sandboxed app may be able to observe system-wide network connections Description: The issue was addressed with additional permissions checks. CVE-2023-27940: James Duffy (mangoSecure) Kernel Available for: iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation) Impact: An app may be able to gain root privileges Description: A race condition was addressed with improved state handling. CVE-2023-32413: Eloi Benoist-Vanderbeken (@elvanderb) from Synacktiv (@Synacktiv) working with Trend Micro Zero Day Initiative Kernel Available for: iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation) Impact: An app may be able to execute arbitrary code with kernel privileges Description: A use-after-free issue was addressed with improved memory management. CVE-2023-32398: Adam Doupé of ASU SEFCOM Metal Available for: iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation) Impact: An app may be able to bypass Privacy preferences Description: A logic issue was addressed with improved state management. CVE-2023-32407: Gergely Kalman (@gergely_kalman) NetworkExtension Available for: iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation) Impact: An app may be able to read sensitive location information Description: This issue was addressed with improved redaction of sensitive information. CVE-2023-32403: an anonymous researcher Photos Available for: iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation) Impact: Shake-to-undo may allow a deleted photo to be re-surfaced without authentication Description: The issue was addressed with improved checks. CVE-2023-32365: Jiwon Park Shell Available for: iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation) Impact: An app may be able to modify protected parts of the file system Description: A logic issue was addressed with improved state management. CVE-2023-32397: Arsenii Kostromin (0x3c3e) Shortcuts Available for: iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation) Impact: A shortcut may be able to use sensitive data with certain actions without prompting the user Description: The issue was addressed with improved checks. CVE-2023-32391: Wenchao Li and Xiaolong Bai of Alibaba Group Telephony Available for: iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation) Impact: A remote attacker may be able to cause unexpected app termination or arbitrary code execution Description: A use-after-free issue was addressed with improved memory management. CVE-2023-32412: Ivan Fratric of Google Project Zero TV App Available for: iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation) Impact: An app may be able to read sensitive location information Description: The issue was addressed with improved handling of caches. CVE-2023-32408: Adam M. WebKit Available for: iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation) Impact: Processing web content may disclose sensitive information. Apple is aware of a report that this issue may have been actively exploited. Description: An out-of-bounds read was addressed with improved input validation. WebKit Bugzilla: 254930 CVE-2023-28204: an anonymous researcher WebKit Available for: iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation) Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. Description: A use-after-free issue was addressed with improved memory management. WebKit Bugzilla: 254840 CVE-2023-32373: an anonymous researcher Additional recognition libxml2 We would like to acknowledge OSS-Fuzz, Ned Williamson of Google Project Zero for their assistance. Reminders We would like to acknowledge Kirin (@Pwnrin) for their assistance. Security We would like to acknowledge James Duffy (mangoSecure) for their assistance. Wi-Fi We would like to acknowledge an anonymous researcher for their assistance. This update is available through iTunes and Software Update on your iOS device, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an Internet connection and have installed the latest version of iTunes from https://www.apple.com/itunes/ iTunes and Software Update on the device will automatically check Apple's update server on its weekly schedule. When an update is detected, it is downloaded and the option to be installed is presented to the user when the iOS device is docked. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iOS device. The automatic update process may take up to a week depending on the day that iTunes or the device checks for updates. You may manually obtain the update via the Check for Updates button within iTunes, or the Software Update on your device. To check that the iPhone, iPod touch, or iPad has been updated: * Navigate to Settings * Select General * Select About. The version after applying this update will be "iOS 15.7.6 and iPadOS 15.7.6". All information is also posted on the Apple Security Updates web site: https://support.apple.com/en-us/HT201222. This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEBP+4DupqR5Sgt1DB4RjMIDkeNxkFAmRmqM4ACgkQ4RjMIDke NxnFzA//fR8HJIImtVBsSJNqV+JUBlR6S2CliQv9ZymqzorPauaxzIOvq8fAl9wx mPFgqeGN8qmGMCtW6owMZ1S7JBDqkZ60whIgWV7jKH1Jqhxw46RxUgXO7Rlq6xMK mUKXlqNpaKp39GV7sQ7CTlSh12preMaNVuHgr25df3icUHxn6vc/xYOZegwvxXhD 45hxzejWrdJUO20dfq8nxknIX7MtirjpBaGX5N3pqb61ryleGyOub9XcUhExN1mB i5BndUSCbwosnytMzvIGhTExPDCEciYKKSlWlr9nC2ZTzpbzuwiy7IisbnQvB7eR 2TCYfVBrGyvetxzkXMOmvTt2o6zy7+WpcDTBrGjyGwxRngUajS7FFkYCm0u7R2UF Z8JHZo6jPrIT7XzfHalOVm1crgD/d8YQ7lu3GOHm2pFh/l8JFRxORQlRXuhg8Xon PmVwv1XYzhhBd+ZWzkJXFlhp0P5Ws2Alp1oyttmPqsAKrojEofhL6vtZuNkDhx2F tSPT0qp3f29NsolOTwr1YZYcSOUkPkNGByIoOcnBafInfWDeFp2UF5pnFizGKkXT ghc5ozsiWZCnKInTZjQMY5c51O0NixhN1RiGinrw2d400RvyccJTSEe0lzJUvCIb ams4lS52C3Z+GqDQskVOBJgWlskyhOj5n93IJXHrHNvjOujUopo= =MxZP -----END PGP SIGNATURE-----