Apple Security Advisory 2023-01-23-2 - iOS 15.7.3 and iPadOS 15.7.3 addresses bypass and code execution vulnerabilities.
ee21407e59469cf735e9640ce25355cae5d95a4bc602316d8f031114e7f5f84a
Apple Security Advisory 2023-01-23-1 - iOS 16.3 and iPadOS 16.3 addresses bypass, code execution, and information leakage vulnerabilities.
e1d38963e60058292ec5d46d069abb5e8a1cf75d83dab5ba0137f6766a463715
On newer macOS/iOS versions, entitlements in binary signature blobs are stored in the DER format. libCoreEntitlements.dylib is the userspace library for parsing and querying such entitlements. The kernel has its own version of this library inside the AppleMobileFileIntegrity module. libCoreEntitlements exposes several functions, such as, for example, to convert entitlements to a dictionary representation (e.g. CEQueryContextToCFDictionary) or to query a specific entitlement (CEContextQuery). Unfortunately, different functions traverse the DER structure in a subtly different way, which allows one API to see one set of entitlements and another API to see a different set of entitlements.
9313c983a56ba7500d8b9861b16b1c103ae3a9454de12a836126f89cec59a1b8
Apple Security Advisory 2022-12-13-9 - Safari 16.2 addresses bypass, code execution, and use-after-free vulnerabilities.
87491cf833b3a49e10aa9918314bf6489321d8e04cec6939d195cb3f70c77dc2
Apple Security Advisory 2022-12-13-8 - watchOS 9.2 addresses bypass, code execution, integer overflow, out of bounds write, spoofing, and use-after-free vulnerabilities.
cbfa8ceb09614901b4b0bb05115fb58ae50c3fb04ef6395b18e75c81436f174b
Apple Security Advisory 2022-12-13-7 - tvOS 16.2 addresses bypass, code execution, integer overflow, out of bounds write, spoofing, and use-after-free vulnerabilities.
74ff4e02487d4bc615b6697e750a64c98e8fc416e7a5b739eed037fe127f069f
Apple Security Advisory 2022-12-13-6 - macOS Big Sur 11.7.2 addresses bypass, code execution, and integer overflow vulnerabilities.
b48a9c145ba81d8365508dc0787f261528fad814dc56294c6d211e6f8f3983bf
Apple Security Advisory 2022-12-13-5 - macOS Monterey 12.6.2 addresses bypass, code execution, and integer overflow vulnerabilities.
79a709b247d426bc8ab1d7a71fb6c94fddc8ffaba7db1441df2a880027444228
Apple Security Advisory 2022-12-13-4 - macOS Ventura 13.1 addresses bypass, code execution, out of bounds access, out of bounds write, spoofing, and use-after-free vulnerabilities.
b3bbef4a98914d0e5167d5e357e15f513f9d357c6df7cfdad446ecc8856061ac
Apple Security Advisory 2022-12-13-3 - iOS 16.1.2 addresses a code execution vulnerability.
3b5d9bba95f3634a64c2835668e5a726e2c51758bd9516987236fb25666d5d7f
Apple Security Advisory 2022-12-13-2 - iOS 15.7.2 and iPadOS 15.7.2 addresses bypass, code execution, integer overflow, out of bounds write, and spoofing vulnerabilities.
e526cdedd8ce35da09dee49922c773c4c21c09a4f4ffb9a56567d00adb6def9c
Apple Security Advisory 2022-12-13-1 - iOS 16.2 and iPadOS 16.2 addresses bypass, code execution, out of bounds write, spoofing, and use-after-free vulnerabilities.
78f3785639474b90779ccf98f62a9a102f01f943fd8dbf08927b91ea945c5a8c
Apple Security Advisory 2022-11-09-2 - macOS Ventura 13.0.1 addresses code execution and integer overflow vulnerabilities.
10c454d0b0b5904ed0e2f71ab984574a625e84a942a9a8406aa6c1ec8f046856
Apple Security Advisory 2022-11-09-1 - iOS 16.1.1 and iPadOS 16.1.1 addresses code execution and integer overflow vulnerabilities.
991b1f0f1c1f623df67f682fb82885b28002056c66e1c73a9fcc14f5d20a12ad
Apple Security Advisory 2022-11-01-1 - Xcode 14.1 addresses code execution vulnerabilities.
283ad9d8171efece3850247f493b6534fc49e5c0a1da52d7fc3564099bd20c39
Apple Security Advisory 2022-10-27-15 - Safari 16.1 addresses code execution, spoofing, and use-after-free vulnerabilities.
7e4afb58dc67e9a414148622643475a8d27c8f60baf2cda25e496eee7f816dfe
Apple Security Advisory 2022-10-27-14 - Safari 16 addresses buffer overflow, code execution, out of bounds read, and spoofing vulnerabilities.
9e96be57660dbb64494522fb501ab742107a0ac275cc908359b95be12c976690
Apple Security Advisory 2022-10-27-13 - watchOS 9 addresses buffer overflow, bypass, code execution, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities.
6428e6976f75f88772e191c66ffeca140c9771776368e32addee2afff5b485b6
Apple Security Advisory 2022-10-27-12 - watchOS 9.1 addresses code execution, out of bounds write, and spoofing vulnerabilities.
8e4f8e41c6c08442c3414a6d6392bded1a9151dda4734d8e9da1a5270584f100
Apple Security Advisory 2022-10-27-11 - tvOS 16 addresses buffer overflow, code execution, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities.
63c5867db3906364c96b636cc725186f8a902a06bbf76b96d5290afa0a3aa6ea
Apple Security Advisory 2022-10-27-10 - tvOS 16.1 addresses code execution, out of bounds write, and spoofing vulnerabilities.
d88ecadeb6050736efa3cf8a66a4b1cbe4b95c51029e68ef176ad206830e4e01
Apple Security Advisory 2022-10-27-9 - macOS Big Sur 11.7 addresses buffer overflow, bypass, code execution, out of bounds write, and use-after-free vulnerabilities.
c73e2857761c956068e7a87947efc7e08c6f030930c3825652195b19d8ccc25d
Apple Security Advisory 2022-10-27-8 - macOS Big Sur 11.7.1 addresses buffer overflow and code execution vulnerabilities.
255cd9c48b3f51ada10814f39a583509a9a69b064e1c599953ddee511d2f8706
Apple Security Advisory 2022-10-27-7 - macOS Monterey 12.6 addresses buffer overflow, bypass, code execution, out of bounds write, and use-after-free vulnerabilities.
776bd472212b024c0a271e2551d3e338398d5e89c05777543489fa9ed80d28dd
Apple Security Advisory 2022-10-27-6 - macOS Monterey 12.6.1 addresses buffer overflow and code execution vulnerabilities.
979ae6bc389d83a98a7e660aa0a94786baa11ee88d138b4866b0a5dfebac283d