📄 macOS Sonoma 14.5 Denial of Service

macOS Sonoma version 14.5 has a vulnerability in the AV1Syntax::ParseHeader function that can allow for a kernel crash. ============================================================================================================================================= | Title : macOS Sonoma 14.5 potenti...

AppleAVD AV1_Syntax::Parse_Header Integer Underflow / Out-Of-Bounds Read

There is an issue in AppleAVD kernel extension with decoding AV1 video files that could potentially be used to read out-of bound data or potentially cause a kernel crash when rendering a malformed video file. The issue was observed on macOS Sonoma 14.5...

AppleAVD AV1_Syntax::f Out-Of-Bounds Read

There is an issue in AppleAVD kernel extension with decoding AV1 video files that could potentially be used to read out-of bound data or potentially cause a kernel crash when rendering a malformed video file. The issue was observed on macOS Sonoma 14.5...

AppleAVD AV1_Syntax::Parse_Header Out-Of-Bounds Read

There is an issue in AppleAVD kernel extension with decoding AV1 video files that could potentially be used to read out-of bound data or potentially cause a kernel crash when rendering a malformed video file. The issue was observed on macOS Sonoma 14.5...

Simple macOS kernel extension fuzzing in userspace with IDA and TinyInst

Posted by Ivan Fratric, Google Project Zero Recently, one of the projects I was involved in had to do with video decoding on Apple platforms, specifically AV1 decoding. On Apple devices that support AV1 video format starting from Apple A17 iOS / M3 macOS, decoding is done in hardware. However,...

About the security content of visionOS 1.3

About the security content of visionOS 1.3 This document describes the security content of visionOS 1.3. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are availabl...

About the security content of iOS 17.5 and iPadOS 17.5

About the security content of iOS 17.5 and iPadOS 17.5 This document describes the security content of iOS 17.5 and iPadOS 17.5. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches ...

About the security content of tvOS 17.5

About the security content of tvOS 17.5 This document describes the security content of tvOS 17.5. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available...

About the security content of watchOS 9.2

About the security content of watchOS 9.2 This document describes the security content of watchOS 9.2. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available...

About the security content of macOS Ventura 13

About the security content of macOS Ventura 13 This document describes the security content of macOS Ventura 13. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are...

About the security content of tvOS 16

About the security content of tvOS 16 This document describes the security content of tvOS 16. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent...

About the security content of watchOS 9

About the security content of watchOS 9 This document describes the security content of watchOS 9. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available...

Apple iPadOS and Apple iOS Buffer Overflow Vulnerability

Apple iOS and Apple iPadOS are both products of Apple Inc. Apple iOS is an operating system developed for mobile devices.Apple iPadOS is an operating system for the iPad tablet computer. A buffer error vulnerability exists in iPhone 6s and later, iPad Pro all models, iPad Air 2nd generation and...

About the security content of macOS Monterey 12.5

About the security content of macOS Monterey 12.5 This document describes the security content of macOS Monterey 12.5. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or release...

About the security content of iOS 15.6 and iPadOS 15.6

About the security content of iOS 15.6 and iPadOS 15.6 This document describes the security content of iOS 15.6 and iPadOS 15.6. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches ...

The vulnerability of the AppleAVD component in operating systems such as Mac OS, iOS, iPadOS, tvOS, and watchOS allows a hacker to execute arbitrary code.

The vulnerability of the AppleAVD component in operating systems such as Mac OS, iOS, iPadOS, tvOS, and watchOS is related to the operation of writing data beyond the buffer boundaries into memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

About the security content of iOS 15.5 and iPadOS 15.5

About the security content of iOS 15.5 and iPadOS 15.5 This document describes the security content of iOS 15.5 and iPadOS 15.5. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches ...

About the security content of macOS Big Sur 11.6.6

About the security content of macOS Big Sur 11.6.6 This document describes the security content of macOS Big Sur 11.6.6. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or...

Update now! Apple patches two zero-day vulnerabilities that may have been actively exploited

Apple has released security updates for macOS Monterey 12.3.1, iOS 15.4.1, iPadOS 15.4.1, tvOS 15.4.1, and watchOS 8.5.1. The update patches two vulnerabilities about which the advisory states that Apple is aware of a report that this issue may have been actively exploited for both vulnerabilitie...

About the security content of iOS 15.4.1 and iPadOS 15.4.1

About the security content of iOS 15.4.1 and iPadOS 15.4.1 This document describes the security content of iOS 15.4.1 and iPadOS 15.4.1. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and...