Ministero dello Sviluppo Economico

CERT Nazionale Italia - Computer Emergency Response Team

Vulnerabilità

Aggiornamenti di sicurezza per prodotti Apple (22 gennaio 2019)

apple  iCloud  Safari   mercoledì, 23 gennaio 2019

Apple ha rilasciato aggiornamenti di sicurezza che risolvono diverse vulnerabilità in macOS, iOS, watchOS, tvOS, Safari e iCloud per Windows.

Apple macOS è un sistema operativo per i computer Mac. Apple iOS è un sistema operativo per iPhone, iPod touch e iPad. Apple watchOS è il sistema operativo per Apple Watch. Apple tvOS è il sistema operativo per Apple TV. Apple Safari è un browser Web disponibile per macOS e Microsoft Windows. iCloud è il sistema SaaS di Apple basato sul cloud computing.

L’aggiornamento per macOS contiene diversi fix di sicurezza che risolvono numerose vulnerabilità, di cui alcune di gravità elevata, in macOS Sierra 10.12.6, macOS High Sierra 10.13.6 e macOS Mojave 10.14.2. Lo sfruttamento delle più gravi tra queste vulnerabilità potrebbe consentire ad un attaccante di accedere ad aree di memoria protette, ottenere privilegi elevati, eseguire codice arbitrario sul sistema o provocare condizioni di denial of service.

Dettagli delle vulnerabilità risolte in macOS (in Inglese):

  • AppleKeyStore: a memory corruption issue may allow a sandboxed process may be able to circumvent sandbox restrictions (CVE-2019-6235).
  • Bluetooth: an out-of-bounds read issue may allow an attacker in a privileged network position to execute arbitrary code (CVE-2019-6200).
  • Core Media: an out-of-bounds read issue may allow a malicious application to elevate privileges (CVE-2019-6202, CVE-2019-6221).
  • CoreAnimation: an out-of-bounds read issue may allow a malicious application may be able to read restricted memory (CVE-2019-6231).
  • CoreAnimation: a memory initialization issue may allow a malicious application to break out of its sandbox (CVE-2019-6230).
  • FaceTime: a buffer overflow issue may allow a remote attacker to initiate a FaceTime call causing arbitrary code execution (CVE-2019-6224).
  • Hypervisor: a memory corruption issue may allow a malicious application to elevate privileges (CVE-2018-4467).
  • Intel Graphics Driver: a memory consumption issue may allow a malicious application to execute arbitrary code with system privileges (CVE-2018-4452).
  • IOKit: a type confusion issue may allow a malicious application to break out of its sandbox (CVE-2019-6214).
  • Kernel: a memory corruption issue may allow a malicious application to elevate privileges (CVE-2019-6225).
  • Kernel: a memory corruption issue may allow a malicious application to execute arbitrary code with kernel privileges (CVE-2019-6210).
  • Kernel: a memory corruption issue may allow a malicious application to cause unexpected changes in memory shared between processes (CVE-2019-6205).
  • Kernel: a buffer overflow issue may allow an application to execute arbitrary code with kernel privileges (CVE-2019-6213).
  • Kernel: an out-of-bounds read issue may allow a malicious application to determine kernel memory layout (CVE-2019-6209).
  • Kernel: a memory initialization issue may allow a malicious application to cause unexpected changes in memory shared between processes (CVE-2019-6208).
  • libxpc: amemory corruption issue may allow a malicious application to execute arbitrary code with kernel privileges (CVE-2019-6218).
  • Natural Language Processing: processing a maliciously crafted message may lead to a denial of service (CVE-2019-6219).
  • QuartzCore: an out-of-bounds read issue may allow an application  to read restricted memory (CVE-2019-6220).
  • SQLite: multiple memory corruption issues may lead to arbitrary code execution via a maliciously crafted SQL query (CVE-2018-20346, CVE-2018-20505, CVE-2018-20506).
  • WebRTC: a memory corruption issue may lead to arbitrary code execution processing maliciously crafted web content (CVE-2019-6211).

L’aggiornamento per iOS, disponibile per iPhone 5s e successivo, iPad Air e successivo e and iPod touch 6a generazione, contiene diversi fix di sicurezza che risolvono diverse gravi vulnerabilità che potrebbero consentire ad un attaccante di accedere ad aree di memoria protette, eseguire codice arbitrario sul sistema o provocare condizioni di denial of service.

Dettagli delle vulnerabilità risolte in iOS (in Inglese):

  • AppleKeyStore: a memory corruption issue may allow a sandboxed process may be able to circumvent sandbox restrictions (CVE-2019-6235).
  • Bluetooth: an out-of-bounds read issue may allow an attacker in a privileged network position to execute arbitrary code (CVE-2019-6200).
  • Core Media: an out-of-bounds read issue may allow a malicious application to elevate privileges (CVE-2019-6202, CVE-2019-6221).
  • CoreAnimation: an out-of-bounds read issue may allow a malicious application may be able to read restricted memory (CVE-2019-6231).
  • CoreAnimation: a memory initialization issue may allow a malicious application to break out of its sandbox (CVE-2019-6230).
  • FaceTime: a buffer overflow issue may allow a remote attacker to initiate a FaceTime call causing arbitrary code execution (CVE-2019-6224).
  • IOKit: a type confusion issue may allow a malicious application to break out of its sandbox (CVE-2019-6214).
  • Kernel: a memory corruption issue may allow a malicious application to elevate privileges (CVE-2019-6225).
  • Kernel: a memory corruption issue may allow a malicious application to execute arbitrary code with kernel privileges (CVE-2019-6210).
  • Kernel: a memory corruption issue may allow a malicious application to cause unexpected changes in memory shared between processes (CVE-2019-6205).
  • Kernel: a buffer overflow issue may allow an application to execute arbitrary code with kernel privileges (CVE-2019-6213).
  • Kernel: an out-of-bounds read issue may allow a malicious application to determine kernel memory layout (CVE-2019-6209).
  • Kernel: a memory initialization issue may allow a malicious application to cause unexpected changes in memory shared between processes (CVE-2019-6208).
  • Keyboard: password autofill may fill in passwords after they were manually cleared (CVE-2019-6206).
  • libxpc: amemory corruption issue may allow a malicious application to execute arbitrary code with kernel privileges (CVE-2019-6218).
  • Natural Language Processing: processing a maliciously crafted message may lead to a denial of service (CVE-2019-6219).
  • Safari Reader: processing maliciously crafted web content may lead to a cross site scripting attack (CVE-2019-6228).
  • SQLite: multiple memory corruption issues may lead to arbitrary code execution via a maliciously crafted SQL query (CVE-2018-20346, CVE-2018-20505, CVE-2018-20506).
  • WebKit: a memory corruption issue may lead to arbitrary code execution processing maliciously crafted web content (CVE-2019-6227, CVE-2019-6233, CVE-2019-6234).
  • WebKit: processing maliciously crafted web content may lead to universal cross site scripting (CVE-2019-6229).
  • WebKit: a type confusion issue may lead to arbitrary code execution processing maliciously crafted web content (CVE-2019-6215).
  • WebKit: multiple memory corruption issues may lead to arbitrary code execution processing maliciously crafted web content (CVE-2019-6212, CVE-2019-6216, CVE-2019-6217, CVE-2019-6226).
  • WebRTC: a memory corruption issue may lead to arbitrary code execution processing maliciously crafted web content (CVE-2019-6211).

Si raccomanda di scaricare ed applicare gli aggiornamenti di sicurezza messi a disposizione da Apple il più presto possibile.

Per maggiori informazioni sui prodotti vulnerabili e sugli aggiornamenti disponibili è possibile consultare i seguenti bollettini di sicurezza di Apple (in Inglese):

Notizie correlate

Aggiornamenti di sicurezza per prodotti Apple (22 luglio 2019)

23 luglio 2019

Apple ha rilasciato aggiornamenti di sicurezza che risolvono diverse vulnerabilità in macOS, iOS, tvOS, watchOS e Safari.Leggi tutto

Apple risolve vulnerabilità multiple in AirPort

3 giugno 2019

Apple ha rilasciato un aggiornamento di sicurezza per il firmware delle basi Wi-Fi AirPort che risolvere vulnerabilità che potrebbero provocare l’esecuzione di codice in modalità remota o causare condizioni di denial of service.Leggi tutto

Aggiornamenti di sicurezza per prodotti Apple (13 maggio 2019)

14 maggio 2019

Apple ha rilasciato aggiornamenti di sicurezza che risolvono diverse vulnerabilità in macOS, iOS, tvOS, watchOS, Safari e Apple TV Software.Leggi tutto