Posted by Apple Product Security via Fulldisclosure on Mar 27
APPLE-SA-2023-03-27-9 Studio Display Firmware Update 16.4
Studio Display Firmware Update 16.4 addresses the following issues.
Information about the security content is also available at https://support.apple.com/HT213672.
Display
Available for: macOS Ventura 13.3 and later
Impact: An app may be able to execute arbitrary code with kernel
privileges
Description: A memory corruption issue was addressed with improved
state management….
Posted by Apple Product Security via Fulldisclosure on Mar 27
APPLE-SA-2023-03-27-8 Safari 16.4
Safari 16.4 addresses the following issues.
Information about the security content is also available at https://support.apple.com/HT213671.
WebKit
Available for: macOS Big Sur and macOS Monterey
Impact: Processing maliciously crafted web content may bypass Same
Origin Policy
Description: This issue was addressed with improved state management.
WebKit Bugzilla: 248615
CVE-2023-27932: an anonymous researcher…
Posted by Apple Product Security via Fulldisclosure on Mar 27
APPLE-SA-2023-03-27-6 tvOS 16.4
tvOS 16.4 addresses the following issues.
Information about the security content is also available at https://support.apple.com/HT213674.
AppleMobileFileIntegrity
Available for: Apple TV 4K (all models) and Apple TV HD
Impact: A user may gain access to protected parts of the file system
Description: The issue was addressed with improved checks.
CVE-2023-23527: Mickey Jin (@patch1t)
Posted by Apple Product Security via Fulldisclosure on Mar 27
APPLE-SA-2023-03-27-5 macOS Big Sur 11.7.5
macOS Big Sur 11.7.5 addresses the following issues.
Information about the security content is also available at https://support.apple.com/HT213675.
Apple Neural Engine
Available for: macOS Big Sur
Impact: An app may be able to execute arbitrary code with kernel
privileges
Description: The issue was addressed with improved memory handling.
CVE-2023-23540: Mohamed GHANNAM (@_simo36)
Posted by Apple Product Security via Fulldisclosure on Mar 27
APPLE-SA-2023-03-27-2 iOS 15.7.4 and iPadOS 15.7.4
iOS 15.7.4 and iPadOS 15.7.4 addresses the following issues.
Information about the security content is also available at https://support.apple.com/HT213673.
Accessibility
Available for: iPhone 6s (all models), iPhone 7 (all models), iPhone
SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod
touch (7th generation)
Impact: An app may be able to access information about a…
Posted by Apple Product Security via Fulldisclosure on Mar 27
APPLE-SA-2023-03-27-1 iOS 16.4 and iPadOS 16.4
iOS 16.4 and iPadOS 16.4 addresses the following issues.
Information about the security content is also available at https://support.apple.com/HT213676.
Accessibility
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air
3rd generation and later, iPad 5th generation and later, and iPad
mini 5th generation and later
Impact: An app may be able to access information about a user’s…
Posted by Apple Product Security via Fulldisclosure on Mar 27
APPLE-SA-2023-03-27-4 macOS Monterey 12.6.4
macOS Monterey 12.6.4 addresses the following issues.
Information about the security content is also available at https://support.apple.com/HT213677.
Apple Neural Engine
Available for: macOS Monterey
Impact: An app may be able to execute arbitrary code with kernel
privileges
Description: The issue was addressed with improved memory handling.
CVE-2023-23540: Mohamed GHANNAM (@_simo36)…
Posted by Apple Product Security via Fulldisclosure on Mar 27
APPLE-SA-2023-03-27-3 macOS Ventura 13.3
macOS Ventura 13.3 addresses the following issues.
Information about the security content is also available at https://support.apple.com/HT213670.
AMD
Available for: macOS Ventura
Impact: An app may be able to cause unexpected system termination or
write kernel memory
Description: A buffer overflow issue was addressed with improved
memory handling.
CVE-2023-27968: ABC Research s.r.o.