-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2020-03-24-4 watchOS 6.2
watchOS 6.2 is now available and addresses the following: ActionKit Available for: Apple Watch Series 1 and later Impact: An application may be able to use an SSH client provided by private frameworks Description: This issue was addressed with a new entitlement. CVE-2020-3917: Steven Troughton-Smith (@stroughtonsmith) AppleMobileFileIntegrity Available for: Apple Watch Series 1 and later Impact: An application may be able to use arbitrary entitlements Description: This issue was addressed with improved checks. CVE-2020-3883: Linus Henze (pinauten.de) CoreFoundation Available for: Apple Watch Series 1 and later Impact: A malicious application may be able to elevate privileges Description: A permissions issue existed. This issue was addressed with improved permission validation. CVE-2020-3913: Timo Christ of Avira Operations GmbH & Co. KG Icons Available for: Apple Watch Series 1 and later Impact: A malicious application may be able to identify what other applications a user has installed Description: The issue was addressed with improved handling of icon caches. CVE-2020-9773: Chilik Tamir of Zimperium zLabs Icons Available for: Apple Watch Series 1 and later Impact: Setting an alternate app icon may disclose a photo without needing permission to access photos Description: An access issue was addressed with additional sandbox restrictions. CVE-2020-3916: Vitaliy Alekseev (@villy21) Image Processing Available for: Apple Watch Series 1 and later Impact: An application may be able to execute arbitrary code with system privileges Description: A use after free issue was addressed with improved memory management. CVE-2020-9768: Mohamed Ghannam (@_simo36) IOHIDFamily Available for: Apple Watch Series 1 and later Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: A memory initialization issue was addressed with improved memory handling. CVE-2020-3919: an anonymous researcher Kernel Available for: Apple Watch Series 1 and later Impact: An application may be able to read restricted memory Description: A memory initialization issue was addressed with improved memory handling. CVE-2020-3914: pattern-f (@pattern_F_) of WaCai Kernel Available for: Apple Watch Series 1 and later Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: Multiple memory corruption issues were addressed with improved state management. CVE-2020-9785: Proteas of Qihoo 360 Nirvan Team libxml2 Available for: Apple Watch Series 1 and later Impact: Multiple issues in libxml2 Description: A buffer overflow was addressed with improved bounds checking. CVE-2020-3909: LGTM.com CVE-2020-3911: found by OSS-Fuzz libxml2 Available for: Apple Watch Series 1 and later Impact: Multiple issues in libxml2 Description: A buffer overflow was addressed with improved size validation. CVE-2020-3910: LGTM.com Messages Available for: Apple Watch Series 1 and later Impact: A person with physical access to a locked iOS device may be able to respond to messages even when replies are disabled Description: A logic issue was addressed with improved state management. CVE-2020-3891: Peter Scott WebKit Available for: Apple Watch Series 1 and later Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved memory handling. CVE-2020-3895: grigoritchy CVE-2020-3900: Dongzhuo Zhao working with ADLab of Venustech WebKit Available for: Apple Watch Series 1 and later Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A type confusion issue was addressed with improved memory handling. CVE-2020-3901: Benjamin Randazzo (@____benjamin) WebKit Available for: Apple Watch Series 1 and later Impact: A remote attacker may be able to cause arbitrary code execution Description: A type confusion issue was addressed with improved memory handling. CVE-2020-3897: Brendan Draper (@6r3nd4n) working with Trend Micro’s Zero Day Initiative Additional recognition FontParser We would like to acknowledge Matthew Denton of Google Chrome for their assistance. Kernel We would like to acknowledge Siguza for their assistance. LinkPresentation We would like to acknowledge Travis for their assistance. Phone We would like to acknowledge Yiğit Can YILMAZ (@yilmazcanyigit) for their assistance. rapportd We would like to acknowledge Alexander Heinrich (@Sn0wfreeze) of Technische Universität Darmstadt for their assistance. WebKit We would like to acknowledge Samuel Groß of Google Project Zero and an anonymous researcher for their assistance. Installation note: Instructions on how to update your Apple Watch software are available at https://support.apple.com/kb/HT204641 To check the version on your Apple Watch, open the Apple Watch app on your iPhone and select "My Watch > General > About". Alternatively, on your watch, select "My Watch > General > About". -----BEGIN PGP SIGNATURE----- Version: BCPG v1.64 iQIcBAEDCAAGBQJeejDTAAoJEAc+Lhnt8tDNWTIQAKGhA+iQc47adRlNt49MEvtt wJC+FVUyln9eSvCfK1D9tqUJJWMpmSCtQ8B2wNT7iHHOpW3KWjWKVqTdQjB5ndTs UlcIkLB5YPQxuX9E8v+HoX3roX3PiaDoHo4yc/CmHeWw7ojQD2MgimO0Bqk9fJuM yY9cJXl+fgKiguxbGRD5WGRYHvMlS5wt2KX0GIM3GOPX91rbbvfN8S4Eey3gqsSA tx+kRjOm3Jzt1icEAKzE86JML2KBsonpYOD8JeYnu3FAfFNwlBWH4+gwkYrUeuXP 39AhNXF3yXghauZ0CLU3ekFl9S2edK5bwmuouDAfZIK2phcSk6XtDDJEuHyRvHIi cDUtFQy6z9/P+AwgJBKIQO5JlQUwN+du/RcLXpkJ80Kn/HliuIp64Qd4lIPv9Ekc zOLGKw9tA0wI+gystYbF6RokgeS37HmO+ivZlEUbujPhhTisoqDbh1Ebx2GgWN5A 0AnoybklupZNY33YKYG1bKnDX77iMpNcY24rfSFs8zYxeDCdMBakZB0mp7aqEH+h k2Ur4KFgGUrWsKLBVQZA72Qr7O3+Q/z3jJtOSY28HzHcdxXSuNO3oc96s/rID4aC 4NHldBBoJMK92/ukTjC++AVijTOWWAxRtnAXEPaCcRNp6mDLVhJTm08/44jijKy4 uBy7TA1wLL3sLdqRIr7h =shBp -----END PGP SIGNATURE----- _______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
