SB2022110141 - Multiple vulnerabilities in Apple Xcode

Description

This security bulletin contains information about 4 secuirty vulnerabilities.

1) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2022-29187)

The vulnerability allows a remote user to escalate privileges on the system.

The vulnerability exists due to application does not properly impose security restrictions. A remote user can bypass implemented security restrictions and privilege escalation on the system when navigating as root into a shared tmp directory owned by the victim, but where an attacker can create a git repository.

2) Input validation error (CVE-ID: CVE-2022-39253)

The vulnerability allows a remote attacker to bypass certain security restrictions.

The vulnerability exists due to the way Git handles hardlinks when performing a local clone. A remote attacker can trick the victim into clocking a malicious repository and create or copy hardlinks to critical files on the system, which can result in sensitive information exposure.

3) Heap-based buffer overflow (CVE-ID: CVE-2022-39260)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error in the "git shell" command when handling untrusted input. A remote attacker can trick the victim to execute the affected command against a malicious repository, trigger a heap-based buffer overflow and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

4) Code Injection (CVE-ID: CVE-2022-42797)

The vulnerability allows a local application to escalate privileges on the system.

The vulnerability exists due to improper input validation within the IDE Xcode Server. A local application can send specially crafted data to the server and execute arbitrary code with root privileges.

Remediation

Install update from vendor's website.

References

• https://support.apple.com/en-us/HT213496