And yet another packet Tuesday. Sticking with IPv6 for this episode: Neighbor Discovery! https://www.youtube.com/watch?v=CoaZjuuY1do #ipv6 #packetlife #pcaps #inpcapswetrust #packettuesday
Apple Updates (almost) Everything: Patch Overview
Apple yesterday released its usually set of updates across its entire portfolio of operating systems. Some issues of note:
- The update includes a patch for CVE-2022-42856 for iOS 12.5. This will help users of older Apple devices going back to the iPhone 5s. More recent operating systems received this patch in December.
- tvOS is missing. I expect a tvOS update soon to address some of the vulnerabilities.
- I do not see updates for git. Git last week patched some vulnerabilities; likely too late to be included in this update.
| Safari 16.3 | iOS 12.5.7 | macOS Monterey 12.6.3 | macOS Big Sur 11.7.3 | watchOS 9.3 | iOS 15.7.3 and iPadOS 15.7.3 | iOS 16.3 and iPadOS 16.3 | macOS Ventura 13.2 |
|---|---|---|---|---|---|---|---|
| CVE-2023-23496 [critical] WebKit The issue was addressed with improved checks. Processing maliciously crafted web content may lead to arbitrary code execution |
|||||||
| x | x | x | x | ||||
| CVE-2023-23518 [critical] WebKit The issue was addressed with improved memory handling. Processing maliciously crafted web content may lead to arbitrary code execution |
|||||||
| x | x | x | x | x | x | ||
| CVE-2023-23517 [critical] WebKit The issue was addressed with improved memory handling. Processing maliciously crafted web content may lead to arbitrary code execution |
|||||||
| x | x | x | x | x | x | ||
| CVE-2022-42856 [critical] *** EXPLOITED *** WebKit A type confusion issue was addressed with improved state handling. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.1. |
|||||||
| x | |||||||
| CVE-2023-23499 [important] AppleMobileFileIntegrity This issue was addressed by enabling hardened runtime. An app may be able to access user-sensitive data |
|||||||
| x | x | x | x | x | |||
| CVE-2022-42915 [other] curl Multiple issues were addressed by updating to curl version 7.86.0. Multiple issues in curl |
|||||||
| x | x | ||||||
| CVE-2022-42916 [other] curl Multiple issues were addressed by updating to curl version 7.86.0. Multiple issues in curl |
|||||||
| x | x | ||||||
| CVE-2022-32221 [other] curl Multiple issues were addressed by updating to curl version 7.86.0. Multiple issues in curl |
|||||||
| x | x | ||||||
| CVE-2022-35260 [other] curl Multiple issues were addressed by updating to curl version 7.86.0. Multiple issues in curl |
|||||||
| x | x | ||||||
| CVE-2022-35252 [other] curl Multiple issues were addressed by updating to curl version 7.85.0. Multiple issues in curl |
|||||||
| x | x | ||||||
| CVE-2023-23513 [critical] dcerpc A buffer overflow issue was addressed with improved memory handling. Mounting a maliciously crafted Samba network share may lead to arbitrary code execution |
|||||||
| x | x | x | |||||
| CVE-2023-23493 [other] DiskArbitration A logic issue was addressed with improved state management. An encrypted volume may be unmounted and remounted by a different user without prompting for the password |
|||||||
| x | x | ||||||
| CVE-2022-32915 [important] DriverKit A type confusion issue was addressed with improved checks. An app may be able to execute arbitrary code with kernel privileges |
|||||||
| x | |||||||
| CVE-2023-23507 [important] Intel Graphics Driver The issue was addressed with improved bounds checks. An app may be able to execute arbitrary code with kernel privileges |
|||||||
| x | x | ||||||
| CVE-2023-23504 [important] Kernel The issue was addressed with improved memory handling. An app may be able to execute arbitrary code with kernel privileges |
|||||||
| x | x | x | x | x | |||
| CVE-2023-23502 [other] Kernel An information disclosure issue was addressed by removing the vulnerable code. An app may be able to determine kernel memory layout |
|||||||
| x | x | x | x | ||||
| CVE-2023-23497 [important] PackageKit A logic issue was addressed with improved state management. An app may be able to gain root privileges |
|||||||
| x | x | x | |||||
| CVE-2023-23505 [other] Screen Time A privacy issue was addressed with improved private data redaction for log entries. An app may be able to access information about a user’s contacts |
|||||||
| x | x | x | x | x | x | ||
| CVE-2023-23511 [important] Weather The issue was addressed with improved memory handling. An app may be able to bypass Privacy preferences |
|||||||
| x | x | x | x | ||||
| CVE-2023-23508 [important] Windows Installer The issue was addressed with improved memory handling. An app may be able to bypass Privacy preferences |
|||||||
| x | x | x | |||||
| CVE-2023-23519 [other] ImageIO A memory corruption issue was addressed with improved state management. Processing an image may lead to a denial-of-service |
|||||||
| x | x | x | |||||
| CVE-2023-23500 [important] Kernel The issue was addressed with improved memory handling. An app may be able to leak sensitive kernel state |
|||||||
| x | x | x | x | ||||
| CVE-2023-23503 [important] Maps A logic issue was addressed with improved state management. An app may be able to bypass Privacy preferences |
|||||||
| x | x | x | x | ||||
| CVE-2023-23512 [other] Safari The issue was addressed with improved handling of caches. Visiting a website may lead to an app denial-of-service |
|||||||
| x | x | x | |||||
| CVE-2023-23498 [other] Mail Drafts A logic issue was addressed with improved state management. The quoted original message may be selected from the wrong email when forwarding an email from an Exchange account |
|||||||
| x | x | x | |||||
| CVE-2023-23506 [important] libxpc A permissions issue was addressed with improved validation. An app may be able to access user-sensitive data |
|||||||
| x | |||||||
| CVE-2023-23510 [other] Safari A permissions issue was addressed with improved validation. An app may be able to access a user’s Safari history |
|||||||
| x | |||||||
| CVE-2022-3705 [other] Vim A use after free issue was addressed with improved memory management. Multiple issues in Vim |
|||||||
| x | |||||||
| CVE-2023-23501 [important] Wi-Fi The issue was addressed with improved memory handling. An app may be able to disclose kernel memory |
|||||||
| x | |||||||
---
Johannes B. Ullrich, Ph.D. , Dean of Research, SANS.edu
Twitter|
ISC Stormcast For Tuesday, January 24th, 2023 https://isc.sans.edu/podcastdetail.html?id=8338
×
![modal content]()
Diary Archives
Comments
www
Nov 17th 2022
6 months ago
EEW
Nov 17th 2022
6 months ago
qwq
Nov 17th 2022
6 months ago
mashood
Nov 17th 2022
6 months ago
isc.sans.edu
Nov 23rd 2022
6 months ago
isc.sans.edu
Nov 23rd 2022
6 months ago
isc.sans.edu
Dec 3rd 2022
5 months ago
isc.sans.edu
Dec 3rd 2022
5 months ago
<a hreaf="https://technolytical.com/">the social network</a> is described as follows because they respect your privacy and keep your data secure. The social networks are not interested in collecting data about you. They don't care about what you're doing, or what you like. They don't want to know who you talk to, or where you go.
<a hreaf="https://technolytical.com/">the social network</a> is not interested in collecting data about you. They don't care about what you're doing, or what you like. They don't want to know who you talk to, or where you go. The social networks only collect the minimum amount of information required for the service that they provide. Your personal information is kept private, and is never shared with other companies without your permission
isc.sans.edu
Dec 26th 2022
5 months ago
isc.sans.edu
Dec 26th 2022
5 months ago