ESB-2016.0140 - [OSX] Apple OS X: Multiple vulnerabilities

Date: 20 January 2016
References: ASB-2016.0036  

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2016.0140
           OS X El Capitan 10.11.3 and Security Update 2016-001
                              20 January 2016

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           Apple OS X
Publisher:         Apple
Operating System:  OS X
Impact/Access:     Root Compromise                 -- Existing Account            
                   Execute Arbitrary Code/Commands -- Remote with User Interaction
                   Increased Privileges            -- Existing Account            
Resolution:        Patch/Upgrade
CVE Names:         CVE-2016-1729 CVE-2016-1722 CVE-2016-1721
                   CVE-2016-1720 CVE-2016-1719 CVE-2016-1718
                   CVE-2016-1717 CVE-2016-1716 CVE-2015-7995

Original Bulletin: 
   https://support.apple.com/en-us/HT205731

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

APPLE-SA-2016-01-19-2 OS X El Capitan 10.11.3 and Security Update 
2016-001

OS X El Capitan 10.11.3 and Security Update 2016-001 is now available
and addresses the following:

AppleGraphicsPowerManagement
Available for:  OS X El Capitan v10.11 to v10.11.2
Impact:  A local user may be able to execute arbitrary code with
kernel privileges
Description:  A memory corruption issue was addressed through
improved memory handling.
CVE-ID
CVE-2016-1716 : moony li of Trend Micro and Liang Chen and Sen Nie of
KeenLab, Tencent

Disk Images
Available for:  OS X El Capitan v10.11 to v10.11.2
Impact:  A local user may be able to execute arbitrary code with
kernel privileges
Description:  A memory corruption issue existed in the parsing of
disk images. This issue was addressed through improved memory
handling.
CVE-ID
CVE-2016-1717 : Frank Graziano of Yahoo! Pentest Team

IOAcceleratorFamily
Available for:  OS X El Capitan v10.11.0 to v10.11.2
Impact:  A local user may be able to execute arbitrary code with
kernel privileges
Description:  A memory corruption issue was addressed through
improved memory handling.
CVE-ID
CVE-2016-1718 : Juwei Lin Trend Micro working with HP's Zero Day
Initiative

IOHIDFamily
Available for:  OS X El Capitan v10.11 to v10.11.2
Impact:  A local user may be able to execute arbitrary code with
kernel privileges
Description:  A memory corruption issue existed in an IOHIDFamily
API. This issue was addressed through improved memory handling.
CVE-ID
CVE-2016-1719 : Ian Beer of Google Project Zero

IOKit
Available for:  OS X El Capitan v10.11 to v10.11.2
Impact:  A local user may be able to execute arbitrary code with
kernel privileges
Description:  A memory corruption issue was addressed through
improved memory handling.
CVE-ID
CVE-2016-1720 : Ian Beer of Google Project Zero

Kernel
Available for:  OS X El Capitan v10.11 to v10.11.2
Impact:  A local user may be able to execute arbitrary code with
kernel privileges
Description:  A memory corruption issue was addressed through
improved memory handling.
CVE-ID
CVE-2016-1721 : Ian Beer of Google Project Zero and Ju Zhu of Trend
Micro

libxslt
Available for:  OS X Mavericks v10.9.5, OS X Yosemite v10.10.5,
and OS X El Capitan v10.11 to v10.11.2
Impact:  Visiting a maliciously crafted website may lead to arbitrary
code execution
Description:  A type confusion issue existed in libxslt. This issue
was addressed through improved memory handling.
CVE-ID
CVE-2015-7995 : puzzor

OSA Scripts
Available for:  OS X El Capitan v10.11 to v10.11.2
Impact:  A quarantined application may be able to override OSA script
libraries installed by the user
Description:  An issue existed when searching for scripting
libraries. This issue was addressed through improved search order and
quarantine checks.
CVE-ID
CVE-2016-1729 : an anonymous researcher

syslog
Available for:  OS X El Capitan v10.11 to v10.11.2
Impact:  A local user may be able to execute arbitrary code with root
privileges
Description:  A memory corruption issue was addressed through
improved memory handling.
CVE-ID
CVE-2016-1722 : Joshua J. Drake and Nikias Bassen of Zimperium zLabs

- -----BEGIN PGP SIGNATURE-----
Comment: GPGTools - https://gpgtools.org

- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
-----END PGP SIGNATURE-----