Apple Security Advisory 2019-1-22-4 - tvOS 12.1.2 is now available and addresses buffer overflow, code execution, and cross site scripting vulnerabilities.
e0c71ee19c824e7d6de77e42924d5b3e248bbbde354d1b3ed01c90111c895d8b
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
APPLE-SA-2019-1-22-4 tvOS 12.1.2
tvOS 12.1.2 is now available and addresses the following:
AppleKeyStore
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: A sandboxed process may be able to circumvent sandbox
restrictions
Description: A memory corruption issue was addressed with improved
validation.
CVE-2019-6235: Brandon Azad
CoreAnimation
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: A malicious application may be able to read restricted memory
Description: An out-of-bounds read was addressed with improved bounds
checking.
CVE-2019-6231: Zhuo Liang of Qihoo 360 Nirvan Team
CoreAnimation
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: A malicious application may be able to break out of its
sandbox
Description: A memory initialization issue was addressed with
improved memory handling.
CVE-2019-6230: Proteas, Shrek_wzw and Zhuo Liang of Qihoo 360 Nirvan
Team
FaceTime
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: A remote attacker may be able to initiate a FaceTime call
causing arbitrary code execution
Description: A buffer overflow issue was addressed with improved
memory handling.
CVE-2019-6224: Natalie Silvanovich of Google Project Zero
IOKit
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: A malicious application may be able to break out of its
sandbox
Description: A type confusion issue was addressed with improved
memory handling.
CVE-2019-6214: Ian Beer of Google Project Zero
Kernel
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: A malicious application may be able to elevate privileges
Description: A memory corruption issue was addressed with improved
validation.
CVE-2019-6225: Brandon Azad of Google Project Zero, Qixun Zhao of
Qihoo 360 Vulcan Team
Kernel
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: A malicious application may be able to execute arbitrary code
with kernel privileges
Description: A memory corruption issue was addressed with improved
input validation.
CVE-2019-6210: Ned Williamson of Google
Kernel
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: A malicious application may cause unexpected changes in
memory shared between processes
Description: A memory corruption issue was addressed with improved
lock state checking.
CVE-2019-6205: Ian Beer of Google Project Zero
Kernel
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A buffer overflow was addressed with improved bounds
checking.
CVE-2019-6213: Ian Beer of Google Project Zero
Kernel
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: A malicious application may be able to determine kernel
memory layout
Description: An out-of-bounds read issue existed that led to the
disclosure of kernel memory. This was addressed with improved input
validation.
CVE-2019-6209: Brandon Azad of Google Project Zero
Kernel
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: A malicious application may cause unexpected changes in
memory shared between processes
Description: A memory initialization issue was addressed with
improved memory handling.
CVE-2019-6208: Jann Horn of Google Project Zero
libxpc
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: A malicious application may be able to execute arbitrary code
with kernel privileges
Description: A memory corruption issue was addressed with improved
input validation.
CVE-2019-6218: Ian Beer of Google Project Zero
SQLite
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: A maliciously crafted SQL query may lead to arbitrary code
execution
Description: Multiple memory corruption issues were addressed with
improved input validation.
CVE-2018-20346: Tencent Blade Team
CVE-2018-20505: Tencent Blade Team
CVE-2018-20506: Tencent Blade Team
WebKit
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2019-6227: Qixun Zhao of Qihoo 360 Vulcan Team
CVE-2019-6233: G. Geshev from MWR Labs working with Trend Micro's
Zero Day Initiative
CVE-2019-6234: G. Geshev from MWR Labs working with Trend Micro's
Zero Day Initiative
WebKit
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: Processing maliciously crafted web content may lead to
universal cross site scripting
Description: A logic issue was addressed with improved validation.
CVE-2019-6229: Ryan Pickren (ryanpickren.com)
WebKit
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A type confusion issue was addressed with improved
memory handling.
CVE-2019-6215: Lokihardt of Google Project Zero
WebKit
Available for: Apple TV 4K and Apple TV (4th generation)
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed with
improved memory handling.
CVE-2019-6212: an anonymous researcher, Wen Xu of SSLab at Georgia
Tech
CVE-2019-6216: Fluoroacetate working with Trend Micro's Zero Day
Initiative
CVE-2019-6217: Fluoroacetate working with Trend Micro's Zero Day
Initiative, Proteas, Shrek_wzw, and Zhuo Liang of Qihoo 360 Nirvan
Team
CVE-2019-6226: Apple
Additional recognition
mDNSResponder
We would like to acknowledge Fatemah Alharbi of University of
California, Riverside (UCR) and Taibah University (TU), Feng Qian of
University of Minnesota - Twin City, Jie Chang of LinkSure Network,
Nael Abu-Ghazaleh of University of California, Riverside (UCR),
Yuchen Zhou of Northeastern University, and Zhiyun Qian of University
of California, Riverside (UCR) for their assistance.
WebKit
We would like to acknowledge James Lee (@Windowsrcer) of Kryptos
Logic for their assistance.
Installation note:
Apple TV will periodically check for software updates. Alternatively,
you may manually check for software updates by selecting
"Settings -> System -> Software Update -> Update Software."
To check the current version of software, select
"Settings -> General -> About."
Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQJdBAEBCABHFiEEDNXJVNCJJEAVmJdZeC9tht7TK3EFAlxHSSgpHHByb2R1Y3Qt
c2VjdXJpdHktbm9yZXBseUBsaXN0cy5hcHBsZS5jb20ACgkQeC9tht7TK3H22Q/+
PKUpdAiTuY9INzQcN53qh0p0MKPEjbBmMfEeN7jB1yKoO9e7JSMHpVt5znw106Rp
AJEzEsCYspVnAo7aWwcNygGamgNo8J/PJCGso4+drltefWa6XcInsTJ9iIk/sZCV
iHgqz0qYZFSziaL0KecMjNK35CSTJQ/qnVv5fkRXOazRpFB0Zcp3ZINb72l5zPND
CI2HkJMtGCbrUnN8OJvdFWLo7uXGIQEC3c4dlx/x8m/UtkO3Jsro1qOqTdLEKvaG
6Atj3cFVOnd/SM4geleBOe536hHPsgwTtctkNlKk8JE8CryjEarR+vpb6yRAt1Wx
U0ykaXiRPyqadHhoOjtiSIpGZstOZ3lG0VLykhDAj/J2Mu5rwiFjdM4G0wRV0DE/
jVH/NxzoMRM+226T33bY2fM8SwtTsRw0gZyytZG2iIw1xT44ajvN6KTiR+M74h+J
yYXw357yMvtOwhdnQ/Npk04OCiHvYr+Rr4spSSyJG6FkBINGL2uIx2p4GgxRFzjV
akGElyRXa6WyKbILktAQz/JF6TGQvhhqBxjOmdF04Vs1gOA9h3sM64PsJlSVhx8A
Nhvh9DjFMdBVd5es0sfCqtksWFETGnwi2kNhPc6AHAKlkgGntbR6Krc98JnxkTT+
buDgLRHED0aOFpnXiQ0lADYKLrHQoQFiM1btKUoHM94=ouaJ
-----END PGP SIGNATURE-----