======================================================================

                                   CERT-Renater

                         Note d'Information No. 2024/VULN240
_____________________________________________________________________

DATE                : 14/05/2024

HARDWARE PLATFORM(S): /

OPERATING SYSTEM(S): Systems running Safari versions prior to 17.5.

=====================================================================
https://support.apple.com/HT214103
_____________________________________________________________________

APPLE-SA-05-13-2024-1 Safari 17.5

Safari 17.5 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT214103.

Apple maintains a Security Releases page at
https://support.apple.com/HT201222 which lists recent
software updates with security advisories.

WebKit
Available for: macOS Monterey and macOS Ventura
Impact: An attacker with arbitrary read and write capability may be
able to bypass Pointer Authentication
Description: The issue was addressed with improved checks.
WebKit Bugzilla: 272750
CVE-2024-27834: Manfred Paul (@_manfp) working with Trend Micro's
Zero Day Initiative

Additional recognition

Safari Downloads
We would like to acknowledge Arsenii Kostromin (0x3c3e) for their
assistance.

Safari 17.5 may be obtained from the Mac App Store.
All information is also posted on the Apple Security Releases
web site: https://support.apple.com/HT201222.


=========================================================
+ CERT-RENATER        |    tel : 01-53-94-20-44         +
+ 23/25 Rue Daviel    |    fax : 01-53-94-20-41         +
+ 75013 Paris         |   email:cert@support.renater.fr +
=========================================================