====================================================================

                             CERT-Renater

                 Note d'Information No. 2019/VULN134

_____________________________________________________________________

DATE                : 14/05/2019

HARDWARE PLATFORM(S): /

OPERATING SYSTEM(S):  Apple TV Software versions prior to 7.3.

=====================================================================
https://lists.apple.com/archives/security-announce/2019/May/msg00005.html
_____________________________________________________________________

APPLE-SA-2019-5-13-6 Apple TV Software 7.3

Apple TV Software 7.3 is now available and addresses the following:

Bluetooth
Available for: Apple TV (3rd generation)
Impact: A remote attacker may cause an unexpected application
termination or arbitrary code execution
Description: An input validation issue existed in Bluetooth. This
issue was addressed with improved input validation.
CVE-2017-14315: Ben Seri and Gregory Vishnepolsky of Armis

Wi-Fi
Available for: Apple TV (3rd generation)
Impact: An attacker within range may be able to execute arbitrary
code on the Wi-Fi chip
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2017-9417: Nitay Artenstein of Exodus Intelligence

Wi-Fi
Available for: Apple TV (3rd generation)
Impact: An attacker within range may be able to execute arbitrary
code on the Wi-Fi chip
Description: A stack buffer overflow was addressed through improved
input validation.
CVE-2017-6975: Gal Beniamini of Google Project Zero

Installation note:

Apple TV will periodically check for software updates. Alternatively,
you may manually check for software updates by selecting
"Settings -> System -> Software Update -> Update Software."

To check the current version of software, select
"Settings -> General -> About."

Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222

This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/

=========================================================
+ CERT-RENATER        | tel : 01-53-94-20-44            +
+ 23/25 Rue Daviel    | fax : 01-53-94-20-41            +
+ 75013 Paris         | email:cert@support.renater.fr   +
=========================================================