Apple Security Advisory 2017-09-20-3 - tvOS 11 addresses code execution vulnerabilities.
15a3c1f5437e40580d8e005ab73b5fa1f21710b492e652da0283bb117e57a3dc-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
APPLE-SA-2017-09-20-3 tvOS 11
tvOS 11 addresses the following:
Wi-Fi
Available for: Apple TV (4th generation)
Impact: Malicious code executing on the Wi-Fi chip may be able to
execute arbitrary code with kernel privileges on the application
processor
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2017-7103: Gal Beniamini of Google Project Zero
CVE-2017-7105: Gal Beniamini of Google Project Zero
CVE-2017-7108: Gal Beniamini of Google Project Zero
CVE-2017-7110: Gal Beniamini of Google Project Zero
CVE-2017-7112: Gal Beniamini of Google Project Zero
Wi-Fi
Available for: Apple TV (4th generation)
Impact: Malicious code executing on the Wi-Fi chip may be able to
execute arbitrary code with kernel privileges on the application
processor
Description: Multiple race conditions were addressed through improved
validation.
CVE-2017-7115: Gal Beniamini of Google Project Zero
Wi-Fi
Available for: Apple TV (4th generation)
Impact: Malicious code executing on the Wi-Fi chip may be able to
read restricted kernel memory
Description: A validation issue was addressed with improved input
sanitization.
CVE-2017-7116: Gal Beniamini of Google Project Zero
Installation note:
Apple TV will periodically check for software updates. Alternatively,
you may manually check for software updates by selecting
"Settings -> System -> Software Update -> Update Software."
To check the current version of software, select
"Settings -> General -> About."
Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - https://gpgtools.org
iQIcBAEBCgAGBQJZwtdFAAoJEIOj74w0bLRGD90P/3SlwWGkh+yI71C2P4n52kwK
EAJj475W7WveTPOeQkfc+MP0P8D7UPUpoNTGHnDvl9TKdW/ZksHF6OMolt0lvfbc
EQKsM4KJhIcynZOSBHVjcoUZ53+u1eoW0UAqZgvde7hv2ex6JybRHJdb0ysk3cGg
LlX5gQeG2oVx+j510fO5ZeBFm1NSXFjE9z1ldytQBLOScfdWHN9x+jM+elqr1tzt
T0p9Y1d2ukbWHaRWm+D3Jn6NrxXcGKzC+HI8CcX3x7UHIXn0Ofl0prBrPZ5GhbG8
hGw8mIcOCpjk7+zmToqQRNVFpHv8RCe61Jf+Jvd1d0a7ROD2sa2nSiEKyTppnomH
9As1OrZnrE+c1tfrttN4iwUhEqGa4kVXiceK728oFx8phUKpgJGe1uJG3MaAOGTp
Bg3DzTRIQufm4VOEY3G7wko1edr6wltGN4DZQJReIXPc0MTptyNh88WlK/O9NZok
KXvMYgl6GvU9WA+QNDXVSobOUpmELbnsmaADrAF+5rUwFDlOSIn33nUVhVixpMWG
LhJHHm5S3nbtkq/rZoWiDmo8q/fPgpDXi+yD8yd2PNx46xZzxw1//ff4UMrKMi9m
ucZhu9yd2xLAyeSFZTf2r2Wa6jenP80GOf3ZwDIpmy+9CsOzVlfQ2c/YI/Mb0T3J
1xEedCIxogsKRuNXEosG
=A3qE
-----END PGP SIGNATURE-----
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed