Fixed:An attacker with root privileges may be able to delete protected system files

About the security content of macOS Sonoma 14.7.1
Released October 28, 2024

App Support
Available for: macOS Sonoma
Impact: A malicious app may be able to run arbitrary shortcuts without user consent
Description: A path handling issue was addressed with improved logic.
CVE-2024-44255: an anonymous researcher

AppleMobileFileIntegrity
Available for: macOS Sonoma
Impact: A sandboxed process may be able to circumvent sandbox restrictions
Description: A logic issue was addressed with improved validation.
CVE-2024-44270: Mickey Jin (@patch1t)

AppleMobileFileIntegrity
Available for: macOS Sonoma
Impact: An app may be able to modify protected parts of the file system
Description: A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions.
CVE-2024-44280: Mickey Jin (@patch1t)

Assets
Available for: macOS Sonoma
Impact: A malicious app with root privileges may be able to modify the contents of system files
Description: This issue was addressed by removing the vulnerable code.
CVE-2024-44260: Mickey Jin (@patch1t)

CoreMedia Playback
Available for: macOS Sonoma
Impact: A malicious app may be able to access private information
Description: This issue was addressed with improved handling of symlinks.
CVE-2024-44273: pattern-f (@pattern_F_), Hikerell of Loadshine Lab

CoreServicesUIAgent
Available for: macOS Sonoma
Impact: An app may be able to modify protected parts of the file system
Description: This issue was addressed with additional entitlement checks.
CVE-2024-44295: an anonymous researcher

CoreText
Available for: macOS Sonoma
Impact: Processing a maliciously crafted font may result in the disclosure of process memory
Description: The issue was addressed with improved checks.
CVE-2024-44240: Hossein Lotfi (@hosselot) of Trend Micro Zero Day Initiative
CVE-2024-44302: Hossein Lotfi (@hosselot) of Trend Micro Zero Day Initiative

CUPS
Available for: macOS Sonoma
Impact: An attacker in a privileged network position may be able to leak sensitive user information
Description: An issue existed in the parsing of URLs. This issue was addressed with improved input validation.
CVE-2024-44213: Alexandre Bedard

DiskArbitration
Available for: macOS Sonoma
Impact: A sandboxed app may be able to access sensitive user data
Description: The issue was addressed with improved checks.
CVE-2024-40855: Csaba Fitzl (@theevilbit) of Kandji

Find My
Available for: macOS Sonoma
Impact: An app may be able to read sensitive location information
Description: A privacy issue was addressed with improved private data redaction for log entries.
CVE-2024-44289: Kirin (@Pwnrin)

Foundation
Available for: macOS Sonoma
Impact: Parsing a file may lead to disclosure of user information
Description: An out-of-bounds read was addressed with improved input validation.
CVE-2024-44282: Hossein Lotfi (@hosselot) of Trend Micro Zero Day Initiative

Game Controllers
Available for: macOS Sonoma
Impact: An attacker with physical access can input Game Controller events to apps running on a locked device
Description: The issue was addressed by restricting options offered on a locked device.
CVE-2024-44265: Ronny Stiftel

ImageIO
Available for: macOS Sonoma
Impact: Processing an image may result in disclosure of process memory
Description: This issue was addressed with improved checks.
CVE-2024-44215: Junsung Lee working with Trend Micro Zero Day Initiative

ImageIO
Available for: macOS Sonoma
Impact: Processing a maliciously crafted message may lead to a denial-of-service
Description: The issue was addressed with improved bounds checks.
CVE-2024-44297: Jex Amro

Installer
Available for: macOS Sonoma
Impact: An app may be able to access user-sensitive data
Description: An access issue was addressed with additional sandbox restrictions.
CVE-2024-44216: Zhongquan Li (@Guluisacat)

Installer
Available for: macOS Sonoma
Impact: A malicious application may be able to modify protected parts of the file system
Description: The issue was addressed with improved checks.
CVE-2024-44287: Mickey Jin (@patch1t)

IOGPUFamily
Available for: macOS Sonoma
Impact: A malicious app may be able to cause a denial-of-service
Description: The issue was addressed with improved memory handling.
CVE-2024-44197: Wang Yu of Cyberserval

Kernel
Available for: macOS Sonoma
Impact: An app may be able to leak sensitive kernel state
Description: An information disclosure issue was addressed with improved private data redaction for log entries.
CVE-2024-44239: Mateusz Krzywicki (@krzywix)

Kernel
Available for: macOS Sonoma
Impact: An app may be able to access sensitive user data
Description: This issue was addressed with improved validation of symlinks.
CVE-2024-44175: Csaba Fitzl (@theevilbit) of Kandji

LaunchServices
Available for: macOS Sonoma
Impact: An application may be able to break out of its sandbox
Description: A logic issue was addressed with improved checks.
CVE-2024-44122: an anonymous researcher

Maps
Available for: macOS Sonoma
Impact: An app may be able to read sensitive location information
Description: This issue was addressed with improved redaction of sensitive information.
CVE-2024-44222: Kirin (@Pwnrin)

Messages
Available for: macOS Sonoma
Impact: An app may be able to break out of its sandbox
Description: The issue was addressed with improved input sanitization.
CVE-2024-44256: Mickey Jin (@patch1t)

PackageKit
Available for: macOS Sonoma
Impact: An app may be able to bypass Privacy preferences
Description: A path deletion vulnerability was addressed by preventing vulnerable code from running with privileges.
CVE-2024-44159: Mickey Jin (@patch1t)
CVE-2024-44156: Arsenii Kostromin (0x3c3e)

PackageKit
Available for: macOS Sonoma
Impact: An app may be able to modify protected parts of the file system
Description: A permissions issue was addressed with additional restrictions.
CVE-2024-44196: Csaba Fitzl (@theevilbit) of Kandji

PackageKit
Available for: macOS Sonoma
Impact: An app may be able to modify protected parts of the file system
Description: The issue was addressed with improved checks.
CVE-2024-44253: Mickey Jin (@patch1t), Csaba Fitzl (@theevilbit) of Kandji

PackageKit
Available for: macOS Sonoma
Impact: A malicious application may be able to modify protected parts of the file system
Description: The issue was addressed with improved checks.
CVE-2024-44247: Un3xploitable of CW Research Inc
CVE-2024-44267: Bohdan Stasiuk (@Bohdan_Stasiuk), Un3xploitable of CW Research Inc, Pedro Tôrres (@t0rr3sp3dr0)
CVE-2024-44301: Bohdan Stasiuk (@Bohdan_Stasiuk), Un3xploitable of CW Research Inc, Pedro Tôrres (@t0rr3sp3dr0)
CVE-2024-44275: Arsenii Kostromin (0x3c3e)

PackageKit
Available for: macOS Sonoma
Impact: An attacker with root privileges may be able to delete protected system files
Description: A path deletion vulnerability was addressed by preventing vulnerable code from running with privileges.
CVE-2024-44294: Mickey Jin (@patch1t)

SceneKit
Available for: macOS Sonoma
Impact: Processing a maliciously crafted file may lead to unexpected app termination
Description: A buffer overflow was addressed with improved size validation.
CVE-2024-44144: 냥냥

SceneKit
Available for: macOS Sonoma
Impact: Processing a maliciously crafted file may lead to heap corruption
Description: This issue was addressed with improved checks.
CVE-2024-44218: Michael DePlante (@izobashi) of Trend Micro Zero Day Initiative

Screen Capture
Available for: macOS Sonoma
Impact: An attacker with physical access may be able to share items from the lock screen
Description: The issue was addressed with improved checks.
CVE-2024-44137: Halle Winkler, Politepix @hallewinkler

Shortcuts
Available for: macOS Sonoma
Impact: An app may be able to access sensitive user data
Description: This issue was addressed with improved redaction of sensitive information.
CVE-2024-44254: Kirin (@Pwnrin)

Shortcuts
Available for: macOS Sonoma
Impact: A malicious app may use shortcuts to access restricted files
Description: A logic issue was addressed with improved checks.
CVE-2024-44269: an anonymous researcher

sips
Available for: macOS Sonoma
Impact: Processing a maliciously crafted file may lead to unexpected app termination
Description: An out-of-bounds access issue was addressed with improved bounds checking.
CVE-2024-44236: Hossein Lotfi (@hosselot) of Trend Micro Zero Day Initiative
CVE-2024-44237: Hossein Lotfi (@hosselot) of Trend Micro Zero Day Initiative

sips
Available for: macOS Sonoma
Impact: Parsing a maliciously crafted file may lead to an unexpected app termination
Description: An out-of-bounds write issue was addressed with improved input validation.
CVE-2024-44284: Junsung Lee, dw0r! working with Trend Micro Zero Day Initiative

sips
Available for: macOS Sonoma
Impact: Parsing a file may lead to disclosure of user information
Description: An out-of-bounds read was addressed with improved input validation.
CVE-2024-44279: Hossein Lotfi (@hosselot) of Trend Micro Zero Day Initiative
CVE-2024-44281: Hossein Lotfi (@hosselot) of Trend Micro Zero Day Initiative

sips
Available for: macOS Sonoma
Impact: Parsing a maliciously crafted file may lead to an unexpected app termination
Description: An out-of-bounds read was addressed with improved bounds checking.
CVE-2024-44283: Hossein Lotfi (@hosselot) of Trend Micro Zero Day Initiative

Siri
Available for: macOS Sonoma
Impact: A sandboxed app may be able to access sensitive user data in system logs
Description: An information disclosure issue was addressed with improved private data redaction for log entries.
CVE-2024-44278: Kirin (@Pwnrin)

SystemMigration
Available for: macOS Sonoma
Impact: A malicious app may be able to create symlinks to protected regions of the disk
Description: This issue was addressed with improved validation of symlinks.
CVE-2024-44264: Mickey Jin (@patch1t)

WindowServer
Available for: macOS Sonoma
Impact: An app may be able to access sensitive user data
Description: This issue was addressed with improved redaction of sensitive information.
CVE-2024-44257: Bohdan Stasiuk (@Bohdan_Stasiuk)