Ministero dello Sviluppo Economico

CERT Nazionale Italia - Computer Emergency Response Team

Vulnerabilità

Aggiornamenti di sicurezza per prodotti Apple (28 gennaio 2020)

apple  iTunes  Safari   mercoledì, 29 gennaio 2020

Apple ha rilasciato aggiornamenti di sicurezza che risolvono diverse vulnerabilità in macOS, iOS, iPadOS, tvOS, watchOS, Safari e iTunes per Windows.

Apple macOS è un sistema operativo per i computer Mac. Apple iOS è un sistema operativo per iPhone e iPod touch. Apple iPadOS è un sistema operativo per iPad basato su iOS. Apple tvOS è il sistema operativo per Apple TV. Apple watchOS è il sistema operativo per Apple Watch. Apple Safari è un browser Web disponibile per macOS e Microsoft Windows. iTunes è un’applicazione per la gestione di file multimediali.

L’aggiornamento per macOS contiene diversi fix di sicurezza che risolvono numerose vulnerabilità, di cui alcune di gravità elevata, in macOS High Sierra 10.13.6, macOS Mojave 10.14.6 e macOS Catalina 10.15.2. Lo sfruttamento delle più gravi tra queste vulnerabilità potrebbe consentire ad un attaccante di accedere ad aree di memoria protette, ottenere privilegi elevati, eseguire codice arbitrario sul sistema o provocare condizioni di denial of service.

Dettagli delle vulnerabilità risolte in macOS (in Inglese):

  • AnnotationKit: an out-of-bounds read issue may allow a remote attacker to cause unexpected application termination or arbitrary code execution (CVE-2020-3877).
  • apache_mod_php: multiple issues in PHP (CVE-2019-11043).
  • Audio: a memory corruption issue may allow an application may to execute arbitrary code with system privileges (CVE-2020-3857).
  • autofs: searching for and opening a file from an attacker controlled NFS mount may bypass Gatekeeper (CVE-2020-3866).
  • CoreBluetooth: a memory corruption issue may allow a remote attacker to cause unexpected application termination or arbitrary code execution (CVE-2020-3848, CVE-2020-3849, CVE-2020-3850).
  • CoreBluetooth: an out-of-bounds read issue may allow a remote attacker to leak memory (CVE-2020-3847).
  • Crash Reporter: a validation issue in the handling of symlinks may allow a malicious application to access restricted files (CVE-2020-3835).
  • Image Processing: a memory corruption issue may lead to arbitrary code execution viewing a maliciously crafted JPEG file (CVE-2020-3827).
  • ImageIO: an out-of-bounds read issue may lead to arbitrary code execution processing a maliciously crafted image JPEG file (CVE-2020-3826, CVE-2020-3870, CVE-2020-3878).
  • Intel Graphics Driver: a memory corruption issue may allow an application to execute arbitrary code with system privileges (CVE-2020-3845).
  • IOAcceleratorFamily: a memory corruption issue may allow an application to execute arbitrary code with kernel privileges (CVE-2020-3837).
  • IPSec: an off by one issue in the handling of racoon configuration files may lead to arbitrary code execution loading a maliciously crafted racoon configuration file (CVE-2020-3840).
  • Kernel: a validation issue may allow an application to read restricted memory (CVE-2020-3875).
  • Kernel: a memory initialization issue may allow an application to read restricted memory (CVE-2020-3872).
  • Kernel: a type confusion issue may allow an application to determine kernel memory layout (CVE-2020-3836).
  • Kernel: a memory corruption issue may allow an application to execute arbitrary code with kernel privileges (CVE-2020-3842, CVE-2020-3871).
  • libxml2: a buffer overflow issue may lead to an unexpected application termination or arbitrary code execution processing maliciously crafted XML (CVE-2020-3846).
  • libxpc: an out-of-bounds read issue may allow an application to gain elevated privileges (CVE-2020-3829).
  • PackageKit: a validation issue in the handling of symlinks may allow a malicious application to overwrite arbitrary files (CVE-2020-3830).
  • Security: a memory corruption issue may allow an application to execute arbitrary code with system privileges (CVE-2020-3854).
  • sudo: a buffer overflow issue in certain configurations may allow a local attacker to execute arbitrary code (CVE-2019-18634).
  • System: an access issue may allow a malicious application to overwrite arbitrary files (CVE-2020-3855).
  • Wi-Fi: a validation issue may allow an application to read restricted memory (CVE-2020-3839).
  • Wi-Fi: a memory corruption issue may allow a remote attacker to cause unexpected system termination or corrupt kernel memory (CVE-2020-3843).
  • wifivelocityd: an application may be able to execute arbitrary code with system privileges (CVE-2020-3838).

L’aggiornamento per iOS e iPadOS, disponibile per iPhone 6s e successivo, iPad Air 2 e successivo, iPad mini 4 e successivo e iPod touch 7a generazione, contiene diversi fix di sicurezza che risolvono diverse gravi vulnerabilità che potrebbero consentire ad un attaccante di accedere ad aree di memoria protette, elevare i propri privilegi, eseguire codice arbitrario sul sistema o provocare condizioni di denial of service.

Dettagli delle vulnerabilità risolte in iOS e iPadOS (in Inglese):

  • Audio: a memory corruption issue may allow an application may to execute arbitrary code with system privileges (CVE-2020-3857).
  • FaceTime: an issue in the handling of the local user’s self-view may allow a remote FaceTime user to cause the local user’s camera self-view to display the incorrect camera (CVE-2020-3869).
  • ImageIO: an out-of-bounds read issue may lead to arbitrary code execution processing a maliciously crafted image JPEG file (CVE-2020-3826, CVE-2020-3870, CVE-2020-3878).
  • IOAcceleratorFamily: a memory corruption issue may allow an application to execute arbitrary code with kernel privileges (CVE-2020-3837).
  • IPSec: an off by one issue in the handling of racoon configuration files may lead to arbitrary code execution loading a maliciously crafted racoon configuration file (CVE-2020-3840).
  • Kernel: a validation issue may allow an application to read restricted memory (CVE-2020-3875).
  • Kernel: a memory initialization issue may allow an application to read restricted memory (CVE-2020-3872).
  • Kernel: a type confusion issue may allow an application to determine kernel memory layout (CVE-2020-3836).
  • Kernel: a memory corruption issue may allow an application to execute arbitrary code with kernel privileges (CVE-2020-3842, CVE-2020-3871).
  • Kernel: a race condition issue may allow an application to execute arbitrary code with kernel privileges (CVE-2020-3831).
  • Kernel: a type confusion issue may allow a malicious application to execute arbitrary code with system privileges (CVE-2020-3853).
  • Kernel: a memory corruption issue may allow an application to execute arbitrary code with kernel privileges (CVE-2020-3860).
  • libxpc: a memory corruption issue may lead to heap corruption processing a maliciously crafted string (CVE-2020-3856).
  • libxpc: an out-of-bounds read issue may allow an application to gain elevated privileges (CVE-2020-3829).
  • Mail: turning off “Load remote content in messages” may not apply to all mail previews (CVE-2020-3873).
  • Messages: an inconsistent user interface issue may allow a person with physical access to an iOS device to access contacts from the lock screen (CVE-2020-3859).
  • Messages: users removed from an iMessage conversation may still be able to alter state (CVE-2020-3844).
  • Phone: a person with physical access to an iOS device may be able to access contacts from the lock screen (CVE-2020-3828).
  • Safari Login AutoFill: a local user may unknowingly send a password unencrypted over the network (CVE-2020-3841).
  • Screenshots: an issue in the naming of screenshots may cause screenshots of the Messages app to reveal additional message content (CVE-2020-3874).
  • wifivelocityd: an application may be able to execute arbitrary code with system privileges (CVE-2020-3838).

Si raccomanda di scaricare ed applicare gli aggiornamenti di sicurezza messi a disposizione da Apple il più presto possibile.

Per maggiori informazioni sui prodotti vulnerabili e sugli aggiornamenti disponibili è possibile consultare i seguenti bollettini di sicurezza di Apple (in Inglese):

  • HT210919 (macOS Catalina 10.15.3, Security Update 2020-001 Mojave, Security Update 2020-001 High Sierra)
  • HT210918 (iOS 13.3.1 and iPadOS 13.3.1)
  • HT210920 (tvOS 13.3.1)
  • HT210921 (watchOS 6.1.2)
  • HT210922 (Safari 13.0.5)
  • HT210923 (iTunes 12.10.4 for Windows)

Notizie correlate

Aggiornamenti di sicurezza per prodotti Apple (24 marzo 2020)

26 marzo 2020

Apple ha rilasciato aggiornamenti di sicurezza che risolvono diverse vulnerabilità in macOS, iOS, iPadOS, tvOS, watchOS, Safari, iTunes e iCloud per Windows, Xcode.Leggi tutto

Aggiornamenti di sicurezza per prodotti Apple (10-11 dicembre 2019)

12 dicembre 2019

Apple ha rilasciato aggiornamenti di sicurezza che risolvono diverse vulnerabilità in macOS, iOS, iPadOS, tvOS, watchOS, Safari, Xcode, iTunes per Windows e iCloud per Windows.Leggi tutto

Aggiornamenti di sicurezza per prodotti Apple (29 ottobre 2019)

30 ottobre 2019

Apple ha rilasciato aggiornamenti di sicurezza che risolvono diverse vulnerabilità in macOS, iOS, iPadOS, tvOS, watchOS e Safari.Leggi tutto