==================================================================== CERT-Renater Note d'Information No. 2018/VULN353 _____________________________________________________________________ DATE : 31/10/2018 HARDWARE PLATFORM(S): / OPERATING SYSTEM(S): tvOS versions prior to 12.1. ===================================================================== https://lists.apple.com/archives/security-announce/2018/Oct/msg00006.html _____________________________________________________________________ APPLE-SA-2018-10-30-5 tvOS tvOS 12.1 is now available and addresses the following: CoreCrypto Available for: Apple TV 4K and Apple TV (4th generation) Impact: An attacker may be able to exploit a weakness in the Miller-Rabin primality test to incorrectly identify prime numbers Description: An issue existed in the method for determining prime numbers. This issue was addressed by using pseudorandom bases for testing of primes. CVE-2018-4398: Martin Albrecht, Jake Massimo and Kenny Paterson of Royal Holloway, University of London, and Juraj Somorovsky of Ruhr University, Bochum ICU Available for: Apple TV 4K and Apple TV (4th generation) Impact: Processing a maliciously crafted string may lead to heap corruption Description: A memory corruption issue was addressed with improved input validation. CVE-2018-4394: an anonymous researcher IPSec Available for: Apple TV 4K and Apple TV (4th generation) Impact: An application may be able to gain elevated privileges Description: An out-of-bounds read was addressed with improved input validation. CVE-2018-4371: Tim Michaud (@TimGMichaud) of Leviathan Security Group Kernel Available for: Apple TV 4K and Apple TV (4th generation) Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed by removing the vulnerable code. CVE-2018-4420: Mohamed Ghannam (@_simo36) Kernel Available for: Apple TV 4K and Apple TV (4th generation) Impact: An application may be able to read restricted memory Description: A memory initialization issue was addressed with improved memory handling. CVE-2018-4413: Juwei Lin (@panicaII) of TrendMicro Mobile Security Team Kernel Available for: Apple TV 4K and Apple TV (4th generation) Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2018-4419: Mohamed Ghannam (@_simo36) NetworkExtension Available for: Apple TV 4K and Apple TV (4th generation) Impact: Connecting to a VPN server may leak DNS queries to a DNS proxy Description: A logic issue was addressed with improved state management. CVE-2018-4369: an anonymous researcher WebKit Available for: Apple TV 4K and Apple TV (4th generation) Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2018-4372: HyungSeok Han, DongHyeon Oh, and Sang Kil Cha of KAIST Softsec Lab, Korea CVE-2018-4382: lokihardt of Google Project Zero CVE-2018-4386: lokihardt of Google Project Zero CVE-2018-4392: zhunki of 360 ESG Codesafe Team CVE-2018-4416: lokihardt of Google Project Zero WebKit Available for: Apple TV 4K and Apple TV (4th generation) Impact: A malicious website may be able to cause a denial of service Description: A resource exhaustion issue was addressed with improved input validation. CVE-2018-4409: Sabri Haddouche (@pwnsdx) of Wire Swiss GmbH WebKit Available for: Apple TV 4K and Apple TV (4th generation) Impact: Processing maliciously crafted web content may lead to code execution Description: A memory corruption issue was addressed with improved validation. CVE-2018-4378: an anonymous researcher, zhunki of 360 ESG Codesafe Team WiFi Available for: Apple TV 4K and Apple TV (4th generation) Impact: An attacker in a privileged position may be able to perform a denial of service attack Description: A denial of service issue was addressed with improved validation. CVE-2018-4368: Milan Stute and Alex Mariotto of Secure Mobile Networking Lab at Technische Universität Darmstadt Additional recognition Certificate Signing We would like to acknowledge Yiğit Can YILMAZ (@yilmazcanyigit) for their assistance. Security We would like to acknowledge Marinos Bernitsas of Parachute for their assistance. Installation note: Apple TV will periodically check for software updates. Alternatively, you may manually check for software updates by selecting "Settings -> System -> Software Update -> Update Software." To check the current version of software, select "Settings -> General -> About." Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ ========================================================= + CERT-RENATER | tel : 01-53-94-20-44 + + 23/25 Rue Daviel | fax : 01-53-94-20-41 + + 75013 Paris | email:cert@support.renater.fr + =========================================================