Apple Watch Series 2 (38mm) Firmware 3.2.2 Build 14V485
Type de fichier: Firmware.
Système d’exploitation: AnyOS.
Nom de fichier: c0755515b791ca10b631fab32ba59bb04a7be693.zip.
Bit: 32/64 Bit.
Licence: Gratuit.
Description
watchOS 3.2.2
AVEVideoEncoder
– Available for: All Apple Watch models
– Impact: An application may be able to gain kernel privileges
– Description: A memory corruption issue was addressed with improved memory handling.
– CVE-2017-6989: Adam Donenfeld (@doadam) of the Zimperium zLabs Team
CoreAudio
– Available for: All Apple Watch models
– Impact: An application may be able to read restricted memory
– Description: A validation issue was addressed with improved input sanitization.
– CVE-2017-2502: Yangkang (@dnpushme) of Qihoo360 Qex Team
IOSurface
– Available for: All Apple Watch models
– Impact: An application may be able to gain kernel privileges
– Description: A memory corruption issue was addressed with improved memory handling.
– CVE-2017-6979: Adam Donenfeld of Zimperium zLabs
Kernel
– Available for: All Apple Watch models
– Impact: An application may be able to execute arbitrary code with kernel privileges
– Description: A race condition was addressed through improved locking.
– CVE-2017-2501: Ian Beer of Google Project Zero
Kernel
– Available for: All Apple Watch models
– Impact: An application may be able to read restricted memory
– Description: A validation issue was addressed with improved input sanitization.
– CVE-2017-2507: Ian Beer of Google Project Zero
– CVE-2017-6987: Patrick Wardle of Synack
SQLite
– Available for: All Apple Watch models
– Impact: A maliciously crafted SQL query may lead to arbitrary code execution
– Description: A use after free issue was addressed through improved memory management.
– CVE-2017-2513: found by OSS-Fuzz
SQLite
– Available for: All Apple Watch models
– Impact: A maliciously crafted SQL query may lead to arbitrary code execution
– Description: A buffer overflow issue was addressed through improved memory handling.
– CVE-2017-2518: found by OSS-Fuzz
– CVE-2017-2520: found by OSS-Fuzz
SQLite
– Available for: All Apple Watch models
– Impact: A maliciously crafted SQL query may lead to arbitrary code execution
– Description: A memory corruption issue was addressed with improved memory handling.
– CVE-2017-2519: found by OSS-Fuzz
TextInput
– Available for: All Apple Watch models
– Impact: Parsing maliciously crafted data may lead to arbitrary code execution
– Description: A memory corruption issue was addressed with improved memory handling.
– CVE-2017-2524: Ian Beer of Google Project Zero
WebKit
– Available for: All Apple Watch models
– Impact: Processing maliciously crafted web content may lead to arbitrary code execution
– Description: Multiple memory corruption issues were addressed with improved memory handling.
– CVE-2017-2521: lokihardt of Google Project Zero
Télécharger