Apple Watch Series 2 (42mm) Firmware 3.2.2 Build 14V485
Tipo de archivo: Firmware.
Sistema Operativo: AnyOS.
Nombre del archivo: fcefdf25ea4a65713aaf90f112661581b0b83887.zip.
Bit: 32/64 Bit.
Licencia: Gratuito.
Descripción
watchOS 3.2.2
AVEVideoEncoder
– Available for: All Apple Watch models
– Impact: An application may be able to gain kernel privileges
– Description: A memory corruption issue was addressed with improved memory handling.
– CVE-2017-6989: Adam Donenfeld (@doadam) of the Zimperium zLabs Team
CoreAudio
– Available for: All Apple Watch models
– Impact: An application may be able to read restricted memory
– Description: A validation issue was addressed with improved input sanitization.
– CVE-2017-2502: Yangkang (@dnpushme) of Qihoo360 Qex Team
IOSurface
– Available for: All Apple Watch models
– Impact: An application may be able to gain kernel privileges
– Description: A memory corruption issue was addressed with improved memory handling.
– CVE-2017-6979: Adam Donenfeld of Zimperium zLabs
Kernel
– Available for: All Apple Watch models
– Impact: An application may be able to execute arbitrary code with kernel privileges
– Description: A race condition was addressed through improved locking.
– CVE-2017-2501: Ian Beer of Google Project Zero
Kernel
– Available for: All Apple Watch models
– Impact: An application may be able to read restricted memory
– Description: A validation issue was addressed with improved input sanitization.
– CVE-2017-2507: Ian Beer of Google Project Zero
– CVE-2017-6987: Patrick Wardle of Synack
SQLite
– Available for: All Apple Watch models
– Impact: A maliciously crafted SQL query may lead to arbitrary code execution
– Description: A use after free issue was addressed through improved memory management.
– CVE-2017-2513: found by OSS-Fuzz
SQLite
– Available for: All Apple Watch models
– Impact: A maliciously crafted SQL query may lead to arbitrary code execution
– Description: A buffer overflow issue was addressed through improved memory handling.
– CVE-2017-2518: found by OSS-Fuzz
– CVE-2017-2520: found by OSS-Fuzz
SQLite
– Available for: All Apple Watch models
– Impact: A maliciously crafted SQL query may lead to arbitrary code execution
– Description: A memory corruption issue was addressed with improved memory handling.
– CVE-2017-2519: found by OSS-Fuzz
TextInput
– Available for: All Apple Watch models
– Impact: Parsing maliciously crafted data may lead to arbitrary code execution
– Description: A memory corruption issue was addressed with improved memory handling.
– CVE-2017-2524: Ian Beer of Google Project Zero
WebKit
– Available for: All Apple Watch models
– Impact: Processing maliciously crafted web content may lead to arbitrary code execution
– Description: Multiple memory corruption issues were addressed with improved memory handling.
– CVE-2017-2521: lokihardt of Google Project Zero
Descargar