SB2024012249 - Multiple vulnerabilities in Apple tvOS




Published: January 22, 2024 Updated: April 29, 2024

Security Bulletin ID: SB2024012249
Severity: Critical
Patch available: YES
Number of vulnerabilities: 12
Exploitation vector: Remote access
Highest impact: Code execution

Breakdown by Severity

Critical 8% High 17% Medium 17% Low 58%

Description

This security bulletin contains information about 12 security vulnerabilities.


1) Buffer overflow (CVE-ID: CVE-2024-23212)

The vulnerability allows a local application to escalate privileges on the system.

The vulnerability exists due to a boundary error within Apple Neural Engine. A local application can trigger memory corruption and execute arbitrary code with kernel privileges.


2) Information Exposure Through Timing Discrepancy (CVE-ID: CVE-2024-23218)

The vulnerability allows a remote attacker to gain access to sensitive information.

The vulnerability exists due to a timing side-channel issue in CoreCrypto. A remote attacker can decrypt legacy RSA PKCS#1 v1.5 ciphertexts without having the private key.


3) Buffer overflow (CVE-ID: CVE-2024-23208)

The vulnerability allows a local application to escalate privileges on the system.

The vulnerability exists due to a boundary error within the OS kernel. A local application can trigger memory corruption and execute arbitrary code with kernel privileges.


4) Input validation error (CVE-ID: CVE-2024-23223)

The vulnerability allows a local application to gain access to sensitive information.

The vulnerability exists due to insufficient validation of files in NSSpellChecker. A local application can gain access to sensitive user data.


5) Insecure Temporary File (CVE-ID: CVE-2024-23215)

The vulnerability allows a local application to bypass certain security restrictions.

The vulnerability exists in TCC due to insecure processing of temporary files. A local application can gain access to sensitive user information.


6) Inclusion of Sensitive Information in Log Files (CVE-ID: CVE-2024-23210)

The vulnerability allows a local application to gain access to sensitive information.

The vulnerability exists because the Time Zone application stores sensitive information in log files. A local application can read the system log files and gain access to a user's phone number.


7) Buffer overflow (CVE-ID: CVE-2024-23206)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing HTML content. A remote attacker can trick the victim into visiting a specially crafted web page, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.


8) Buffer overflow (CVE-ID: CVE-2024-23213)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error when processing HTML content. A remote attacker can trick the victim into visiting a specially crafted web page, trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.


9) Type confusion (CVE-ID: CVE-2024-23222)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a type confusion error when processing HTML content. A remote attacker can trick the victim into opening a specially crafted website, trigger a type confusion error and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.

Note: the vulnerability is being actively exploited in the wild.


10) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2024-23201)

The vulnerability allows a local application to perform a denial of service (DoS) attack.

The vulnerability exists due to improperly imposed security restrictions in libxpc. A local application can perform a denial of service (DoS) attack.


11) Buffer overflow (CVE-ID: CVE-2024-27791)

The vulnerability allows a local application to escalate privileges on the system.

The vulnerability exists due to a boundary error in Power Manager. A local application can trigger memory corruption and execute arbitrary code with elevated privileges.


12) Security features bypass (CVE-ID: CVE-2024-23271)

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due to a logic error in WebKit, which can lead to unexpected cross-origin behavior. A remote attacker can trick the victim into visiting a specially crafted website and bypass implemented security restrictions.


Remediation

Install the update from the vendor's website.