SB2019121839 - Multiple vulnerabilities in Apple iPadOS

Description

This security bulletin contains information about 9 secuirty vulnerabilities.

1) Buffer overflow (CVE-ID: CVE-2019-8786)

The vulnerability allows a local non-authenticated attacker to execute arbitrary code.

A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, macOS Catalina 10.15.1, tvOS 13.2, watchOS 6.1. An application may be able to execute arbitrary code with kernel privileges.

2) Input validation error (CVE-ID: CVE-2019-8788)

The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.

An issue existed in the parsing of URLs. This issue was addressed with improved input validation. This issue is fixed in iOS 13.2 and iPadOS 13.2, macOS Catalina 10.15.1. Improper URL processing may lead to data exfiltration.

3) Link following (CVE-ID: CVE-2019-8789)

The vulnerability allows a local non-authenticated attacker to gain access to sensitive information.

A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks. This issue is fixed in iOS 13.2 and iPadOS 13.2, macOS Catalina 10.15.1. Parsing a maliciously crafted iBooks file may lead to disclosure of user information.

4) Input validation error (CVE-ID: CVE-2019-8793)

The vulnerability allows a local authenticated user to gain access to sensitive information.

A consistency issue existed in deciding when to show the screen recording indicator. The issue was resolved with improved state management. This issue is fixed in iOS 13.2 and iPadOS 13.2. A local user may be able to record the screen without a visible screen recording indicator.

5) Input validation error (CVE-ID: CVE-2019-8794)

The vulnerability allows a local non-authenticated attacker to gain access to sensitive information.

A validation issue was addressed with improved input sanitization. This issue is fixed in iOS 13.2 and iPadOS 13.2, macOS Catalina 10.15.1, tvOS 13.2, watchOS 6.1. An application may be able to read restricted memory.

6) Buffer overflow (CVE-ID: CVE-2019-8795)

The vulnerability allows a local non-authenticated attacker to execute arbitrary code.

A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, tvOS 13.2. An application may be able to execute arbitrary code with system privileges.

7) Buffer overflow (CVE-ID: CVE-2019-8797)

The vulnerability allows a local non-authenticated attacker to execute arbitrary code.

A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, macOS Catalina 10.15.1, tvOS 13.2, watchOS 6.1. An application may be able to execute arbitrary code with system privileges.

8) Buffer overflow (CVE-ID: CVE-2019-8798)

The vulnerability allows a local authenticated user to gain access to sensitive information.

A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.2 and iPadOS 13.2, macOS Catalina 10.15.1, tvOS 13.2, watchOS 6.1. An application may be able to execute arbitrary code with system privileges.

9) Insufficient Session Expiration (CVE-ID: CVE-2019-8803)

The vulnerability allows a local non-authenticated attacker to execute arbitrary code.

An authentication issue was addressed with improved state management. This issue is fixed in iOS 13.2 and iPadOS 13.2, macOS Catalina 10.15.1, tvOS 13.2, watchOS 6.1. A local attacker may be able to login to the account of a previously logged in user without valid credentials..

Remediation

Install update from vendor's website.

References

• https://support.apple.com/HT210721
• https://support.apple.com/HT210722
• https://support.apple.com/HT210723
• https://support.apple.com/HT210724