Ministero dello Sviluppo Economico

CERT Nazionale Italia - Computer Emergency Response Team

Vulnerabilità

Aggiornamenti di sicurezza per prodotti Apple (25 marzo 2019)

apple  iCloud  iTunes  Safari  Xcode   martedì, 26 marzo 2019

Apple ha rilasciato aggiornamenti di sicurezza che risolvono diverse vulnerabilità in macOS, iOS, tvOS, Safari, Xcode, iTunes per Windows e iCloud per Windows.

Apple macOS è un sistema operativo per i computer Mac. Apple iOS è un sistema operativo per iPhone, iPod touch e iPad. Apple tvOS è il sistema operativo per Apple TV. Apple Safari è un browser Web disponibile per macOS e Microsoft Windows. Xcode è uno strumento di sviluppo per la creazione di applicazioni iOS, watchOS, e tvOS. iTunes è un’applicazione per la gestione di file multimediali. iCloud è il sistema SaaS di Apple basato sul cloud computing.

L’aggiornamento per macOS contiene diversi fix di sicurezza che risolvono numerose vulnerabilità, di cui alcune di gravità elevata, in macOS Sierra 10.12.6, macOS High Sierra 10.13.6 e macOS Mojave 10.14.3. Lo sfruttamento delle più gravi tra queste vulnerabilità potrebbe consentire ad un attaccante di accedere ad aree di memoria protette, ottenere privilegi elevati, eseguire codice arbitrario sul sistema o provocare condizioni di denial of service.

Dettagli delle vulnerabilità risolte in macOS (in Inglese):

  • AppleGraphicsControl: a buffer overflow issue may allow a malicious application to execute arbitrary code with kernel privileges (CVE-2019-8555).
  • Bom: a malicious application may bypass Gatekeeper checks (CVE-2019-8516).
  • configd: a memory initialization issue may allow a malicious application to elevate privileges (CVE-2019-8552).
  • Contacts: a buffer overflow issue may allow a malicious application to elevate privileges (CVE-2019-8511).
  • CoreCrypto: a buffer overflow issue may allow a malicious application to elevate privileges (CVE-2019-8542).
  • DiskArbitration: a logic issue may cause an encrypted volume to be unmounted and remounted by a different user without prompting for the password (CVE-2019-8522).
  • FaceTime: a user’s video may not be paused in a FaceTime call if they exit the FaceTime app while the call is ringing (CVE-2019-8550).
  • Feedback Assistant: a race condition issue may allow a malicious application to gain root privileges (CVE-2019-8565).
  • Feedback Assistant: a malicious application may be able to overwrite arbitrary files (CVE-2019-8521).
  • file: an out-of-bounds read issue may allow an application to read restricted memory (CVE-2019-8519).
  • iAP: a buffer overflow issue may allow a malicious application to elevate privileges (CVE-2019-8542).
  • IOGraphics: a lock handling issue may cause a Mac may to not lock when disconnecting from an external monitor (CVE-2019-8533).
  • IOHIDFamily: a memory corruption issue may allow a local user to cause unexpected system termination or read kernel memory (CVE-2019-8545).
  • IOKit: a memory initialization issue may allow a local user to read kernel memory (CVE-2019-8504).
  • IOKit SCSI: a memory corruption issue may allow an application to execute arbitrary code with kernel privileges (CVE-2019-8529).
  • Kernel: a buffer overflow issue may allow a remote attacker to cause unexpected system termination or corrupt kernel memory (CVE-2019-8527).
  • Kernel: a buffer overflow issue may lead to arbitrary code execution with system privileges mounting a maliciously crafted NFS network share (CVE-2019-8508).
  • Kernel: a logic issue may allow an application to gain elevated privileges (CVE-2019-8514).
  • Kernel: a memory initialization issue may allow a malicious application to determine kernel memory layout (CVE-2019-8540).
  • Kernel: a memory corruption issue may allow a local user to read kernel memory (CVE-2019-7293).
  • Kernel: an out-of-bounds read issue may allow a malicious application to determine kernel memory layout (CVE-2019-6207, CVE-2019-8510).
  • Messages: an access issue may allow a local user to view sensitive user information (CVE-2019-8546).
  • Notes: an access issue may allow a local user to view a user’s locked notes (CVE-2019-8537).
  • PackageKit: a logic issue may allow a malicious application to elevate privileges (CVE-2019-8561).
  • Perl: multiple issues in Perl (CVE-2018-12015, CVE-2018-18311, CVE-2018-18313).
  • Power Management: multiple input validation issues may allow a malicious application to execute arbitrary code with system privileges (CVE-2019-8549).
  • QuartzCore: multiple memory corruption issues may lead to unexpected application termination processing malicious data (CVE-2019-8507).
  • Security: a use after free issue may allow an application to gain elevated privileges (CVE-2019-8526).
  • Security: an out-of-bounds read issue may allow a malicious application to read restricted memory (CVE-2019-8520).
  • Siri: an API issue may allow a malicious application to initiate a Dictation request without user authorization (CVE-2019-8502).
  • Time Machine: a local user may be able to execute arbitrary shell commands (CVE-2019-8513).
  • TrueTypeScaler: an out-of-bounds read issue may result in the disclosure of process memory processing a maliciously crafted font (CVE-2019-8517).
  • XPC: a malicious application may be able to overwrite arbitrary files (CVE-2019-8530).

L’aggiornamento per iOS, disponibile per iPhone 5s e successivo, iPad Air e successivo e and iPod touch 6a generazione, contiene diversi fix di sicurezza che risolvono diverse gravi vulnerabilità che potrebbero consentire ad un attaccante di accedere ad aree di memoria protette, elevare i propri privilegi, eseguire codice arbitrario sul sistema o provocare condizioni di denial of service.

Dettagli delle vulnerabilità risolte in iOS (in Inglese):

  • CFString: a validation issue may lead to a denial of service processing a maliciously crafted string (CVE-2019-8516).
  • configd: a memory initialization issue may allow a malicious application to elevate privileges (CVE-2019-8552).
  • Contacts: a buffer overflow issue may allow a malicious application to elevate privileges (CVE-2019-8511).
  • CoreCrypto: a buffer overflow issue may allow a malicious application to elevate privileges (CVE-2019-8542).
  • Exchange ActiveSync: a user may authorize an enterprise administrator to remotely wipe their device without appropriate disclosure (CVE-2019-8512).
  • FaceTime: a user’s video may not be paused in a FaceTime call if they exit the FaceTime app while the call is ringing (CVE-2019-8550).
  • Feedback Assistant: a race condition issue may allow a malicious application to gain root privileges (CVE-2019-8565).
  • Feedback Assistant: a malicious application may be able to overwrite arbitrary files (CVE-2019-8521).
  • file: an out-of-bounds read issue might disclose user information processing a maliciously crafted file (CVE-2019-6237).
  • GeoServices: a memory corruption issue may lead to arbitrary code execution clicking a malicious SMS link (CVE-2019-8553).
  • iAP: a buffer overflow issue may allow a malicious application to elevate privileges (CVE-2019-8542).
  • IOHIDFamily: a memory corruption issue may allow a local user to cause unexpected system termination or read kernel memory (CVE-2019-8545).
  • IOKit: a memory initialization issue may allow a local user to read kernel memory (CVE-2019-8504).
  • IOKit SCSI: a memory corruption issue may allow an application to execute arbitrary code with kernel privileges (CVE-2019-8529).
  • Kernel: a buffer overflow issue may allow a remote attacker to cause unexpected system termination or corrupt kernel memory (CVE-2019-8527).
  • Kernel: a logic issue may allow an application to gain elevated privileges (CVE-2019-8514).
  • Kernel: a memory initialization issue may allow a malicious application to determine kernel memory layout (CVE-2019-8540).
  • Kernel: a memory corruption issue may allow a local user to read kernel memory (CVE-2019-7293).
  • Kernel: an out-of-bounds read issue may allow a malicious application to determine kernel memory layout (CVE-2019-6207, CVE-2019-8510).
  • Mail: processing a maliciously crafted mail message may lead to S/MIME signature spoofing (CVE-2019-7284).
  • Messages: an access issue may allow a local user to view sensitive user information (CVE-2019-8546).
  • Power Management: multiple input validation issues may allow a malicious application to execute arbitrary code with system privileges (CVE-2019-8549).
  • Privacy: a malicious app may be able to track users between installs (CVE-2019-8541).
  • ReplayKit: an API issue may allow a malicious application to access the microphone without indication to the user (CVE-2019-8566).
  • Safari: a permissions issue may allow a website to access sensor information without user consent (CVE-2019-8554).
  • Safari Reader: a logic issue may lead to universal cross site scripting enabling the Safari Reader feature on a maliciously crafted webpage (CVE-2019-6204, CVE-2019-8505).
  • Siri: an API issue may allow a malicious application to initiate a Dictation request without user authorization (CVE-2019-8502).
  • TrueTypeScaler: an out-of-bounds read issue may result in the disclosure of process memory processing a maliciously crafted font (CVE-2019-8517).
  • WebKit: a logic issue may lead to universal cross site scripting processing maliciously crafted web content (CVE-2019-8517).
  • WebKit: a memory corruption issue may lead to arbitrary code execution processing maliciously crafted web content (CVE-2019-8535).
  • WebKit: multiple memory corruption issues may lead to arbitrary code execution processing maliciously crafted web content (CVE-2019-6201, CVE-2019-8518, CVE-2019-8523, CVE-2019-8524, CVE-2019-8558, CVE-2019-8559, CVE-2019-8563).
  • WebKit: a memory corruption issue may allow a sandboxed process to circumvent sandbox restrictions (CVE-2019-8562).
  • WebKit: a consistency issue may allow a website to access the microphone without the microphone use indicator being shown (CVE-2019-6222).
  • WebKit: a cross-origin issue may disclose sensitive user information processing maliciously crafted web content (CVE-2019-8515).
  • WebKit: a memory corruption issue may lead to arbitrary code execution processing maliciously crafted web content (CVE-2019-8536, CVE-2019-8556).
  • WebKit: a type confusion issue may lead to arbitrary code execution processing maliciously crafted web content (CVE-2019-8506).
  • WebKit: a logic issue may allow a malicious website to execute scripts in the context of another website (CVE-2019-8503).
  • WebKit: a validation issue may result in the disclosure of process memory processing maliciously crafted web content (CVE-2019-7292).
  • Wi-Fi: a user privacy issue may cause a device to be passively tracked by its WiFi MAC address (CVE-2019-8567).
  • XPC: a malicious application may be able to overwrite arbitrary files (CVE-2019-8530).

Si raccomanda di scaricare ed applicare gli aggiornamenti di sicurezza messi a disposizione da Apple il più presto possibile.

Per maggiori informazioni sui prodotti vulnerabili e sugli aggiornamenti disponibili è possibile consultare i seguenti bollettini di sicurezza di Apple (in Inglese):

Notizie correlate

Apple risolve vulnerabilità multiple in AirPort

3 giugno 2019

Apple ha rilasciato un aggiornamento di sicurezza per il firmware delle basi Wi-Fi AirPort che risolvere vulnerabilità che potrebbero provocare l’esecuzione di codice in modalità remota o causare condizioni di denial of service.Leggi tutto

Aggiornamenti di sicurezza per prodotti Apple (13 maggio 2019)

14 maggio 2019

Apple ha rilasciato aggiornamenti di sicurezza che risolvono diverse vulnerabilità in macOS, iOS, tvOS, watchOS, Safari e Apple TV Software.Leggi tutto

Vulnerabilità 0-day nel kernel XNU di macOS

5 marzo 2019

È stata divulgata l'esistenza di una grave vulnerabilità zero-day nel kernel XNU di macOS che potrebbe essere sfruttata per caricare in memoria codice malevolo.Leggi tutto