===================================================================== CERT-Renater Note d'Information No. 2024/VULN060 _____________________________________________________________________ DATE : 25/01/2024 HARDWARE PLATFORM(S): / OPERATING SYSTEM(S): macOS versions prior to Ventura 13.6.4, Monterey 12.7.3. ===================================================================== https://support.apple.com/kb/HT214058 https://support.apple.com/kb/HT214057 _____________________________________________________________________ APPLE-SA-01-22-2024-6 macOS Ventura 13.6.4 macOS Ventura 13.6.4 addresses the following issues. Information about the security content is also available at https://support.apple.com/kb/HT214058. Apple maintains a Security Updates page at https://support.apple.com/HT201222 which lists recent software updates with security advisories. Apple Neural Engine Available for: macOS Ventura Impact: An app may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved memory handling. CVE-2024-23212: Ye Zhang of Baidu Security Accessibility Available for: macOS Ventura Impact: An app may be able to access sensitive user data Description: A privacy issue was addressed with improved private data redaction for log entries. CVE-2023-42937: Noah Roskin-Frazee and Prof. J. (ZeroClicks.ai Lab) Core Data Available for: macOS Ventura Impact: An app may be able to bypass Privacy preferences Description: This issue was addressed by removing the vulnerable code. CVE-2023-40528: Kirin (@Pwnrin) of NorthSea curl Available for: macOS Ventura Impact: Multiple issues in curl Description: Multiple issues were addressed by updating to curl version 8.4.0. CVE-2023-38545 CVE-2023-38039 CVE-2023-38546 CVE-2023-42915 Finder Available for: macOS Ventura Impact: An app may be able to access sensitive user data Description: The issue was addressed with improved checks. CVE-2024-23224: Brian McNulty ImageIO Available for: macOS Ventura Impact: Processing a maliciously crafted image may result in disclosure of process memory Description: The issue was addressed with improved checks. CVE-2023-42888: Michael DePlante (@izobashi) of Trend Micro Zero Day Initiative LoginWindow Available for: macOS Ventura Impact: A local attacker may be able to view the previous logged in user?s desktop from the fast user switching screen Description: An authentication issue was addressed with improved state management. CVE-2023-42935 Mail Search Available for: macOS Ventura Impact: An app may be able to access sensitive user data Description: This issue was addressed with improved redaction of sensitive information. CVE-2024-23207: Noah Roskin-Frazee and Prof. J. (ZeroClicks.ai Lab), and Ian de Marcellus NSOpenPanel Available for: macOS Ventura Impact: An app may be able to read arbitrary files Description: An access issue was addressed with additional sandbox restrictions. CVE-2023-42887: Ron Masas of BreakPoint.sh WebKit Available for: macOS Ventura Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been exploited. Description: A type confusion issue was addressed with improved checks. WebKit Bugzilla: 267134 CVE-2024-23222 macOS Ventura 13.6.4 may be obtained from the Mac App Store or Apple's Software Downloads web site: https://support.apple.com/downloads/ All information is also posted on the Apple Security Updates web site: https://support.apple.com/en-us/HT201222. This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ _____________________________________________________________________ APPLE-SA-01-22-2024-7 macOS Monterey 12.7.3 macOS Monterey 12.7.3 addresses the following issues. Information about the security content is also available at https://support.apple.com/kb/HT214057. Apple maintains a Security Updates page at https://support.apple.com/HT201222 which lists recent software updates with security advisories. Accessibility Available for: macOS Monterey Impact: An app may be able to access sensitive user data Description: A privacy issue was addressed with improved private data redaction for log entries. CVE-2023-42937: Noah Roskin-Frazee and Prof. J. (ZeroClicks.ai Lab) Apple Neural Engine Available for: macOS Monterey Impact: An app may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved memory handling. CVE-2024-23212: Ye Zhang of Baidu Security curl Available for: macOS Monterey Impact: Multiple issues in curl Description: Multiple issues were addressed by updating to curl version 8.4.0. CVE-2023-38545 CVE-2023-38039 CVE-2023-38546 CVE-2023-42915 ImageIO Available for: macOS Monterey Impact: Processing a maliciously crafted image may result in disclosure of process memory Description: The issue was addressed with improved checks. CVE-2023-42888: Michael DePlante (@izobashi) of Trend Micro Zero Day Initiative Mail Search Available for: macOS Monterey Impact: An app may be able to access sensitive user data Description: This issue was addressed with improved redaction of sensitive information. CVE-2024-23207: Noah Roskin-Frazee and Prof. J. (ZeroClicks.ai Lab), and Ian de Marcellus WebKit Available for: macOS Monterey Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been exploited. Description: A type confusion issue was addressed with improved checks. WebKit Bugzilla: 267134 CVE-2024-23222 macOS Monterey 12.7.3 may be obtained from the Mac App Store or Apple's Software Downloads web site: https://support.apple.com/downloads/ All information is also posted on the Apple Security Updates web site: https://support.apple.com/en-us/HT201222. This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ ========================================================= + CERT-RENATER | tel : 01-53-94-20-44 + + 23/25 Rue Daviel | fax : 01-53-94-20-41 + + 75013 Paris | email:cert@support.renater.fr + =========================================================