Security updates

MacOS Monterey 12.7.6
Security updates

APFS
Available for: macOS Monterey
Impact: A malicious application may be able to bypass Privacy preferences
Description: The issue was addressed with improved restriction of data container access.
CVE-2024-40783: Csaba Fitzl (@theevilbit) of Kandji

Apple Neural Engine
Available for: macOS Monterey
Impact: An app may be able to execute arbitrary code with kernel privileges
Description: The issue was addressed with improved memory handling.
CVE-2024-27826: Minghao Lin, and Ye Zhang (@VAR10CK) of Baidu Security

AppleMobileFileIntegrity
Available for: macOS Monterey
Impact: An app may be able to leak sensitive user information
Description: A downgrade issue was addressed with additional code-signing restrictions.
CVE-2024-40775: Mickey Jin (@patch1t)

AppleMobileFileIntegrity
Available for: macOS Monterey
Impact: An app may be able to bypass Privacy preferences
Description: A downgrade issue was addressed with additional code-signing restrictions.
CVE-2024-40774: Mickey Jin (@patch1t)

AppleVA
Available for: macOS Monterey
Impact: Processing a maliciously crafted file may lead to a denial-of-service or potentially disclose memory contents
Description: The issue was addressed with improved memory handling.
CVE-2024-27877: Michael DePlante (@izobashi) of Trend Micro Zero Day Initiative

CoreGraphics
Available for: macOS Monterey
Impact: Processing a maliciously crafted file may lead to unexpected app termination
Description: An out-of-bounds read issue was addressed with improved input validation.
CVE-2024-40799: D4m0n

CoreMedia
Available for: macOS Monterey
Impact: Processing a maliciously crafted video file may lead to unexpected app termination
Description: An out-of-bounds write issue was addressed with improved input validation.
CVE-2024-27873: Amir Bazine and Karsten König of CrowdStrike Counter Adversary Operations

curl
Available for: macOS Monterey
Impact: Multiple issues in curl
Description: This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org.
CVE-2024-2004
CVE-2024-2379
CVE-2024-2398
CVE-2024-2466

DesktopServices
Available for: macOS Monterey
Impact: An app may be able to overwrite arbitrary files
Description: The issue was addressed with improved checks.
CVE-2024-40827: an anonymous researcher

Disk Management
Available for: macOS Monterey
Impact: A malicious app may be able to gain root privileges
Description: The issue was addressed with improved checks.
CVE-2024-40828: Mickey Jin (@patch1t)

ImageIO
Available for: macOS Monterey
Impact: Processing an image may lead to a denial-of-service
Description: This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org.
CVE-2023-6277
CVE-2023-52356

ImageIO
Available for: macOS Monterey
Impact: Processing a maliciously crafted file may lead to unexpected app termination
Description: An out-of-bounds read issue was addressed with improved input validation.
CVE-2024-40806: Yisumi

Kernel
Available for: macOS Monterey
Impact: A local attacker may be able to cause unexpected system shutdown
Description: An out-of-bounds read was addressed with improved input validation.
CVE-2024-40816: sqrtpwn

Kernel
Available for: macOS Monterey
Impact: A local attacker may be able to cause unexpected system shutdown
Description: A type confusion issue was addressed with improved memory handling.
CVE-2024-40788: Minghao Lin and Jiaxun Zhu from Zhejiang University

Keychain Access
Available for: macOS Monterey
Impact: An attacker may be able to cause unexpected app termination
Description: A type confusion issue was addressed with improved checks.
CVE-2024-40803: Patrick Wardle of DoubleYou & the Objective-See Foundation

NetworkExtension
Available for: macOS Monterey
Impact: Private browsing may leak some browsing history
Description: A privacy issue was addressed with improved private data redaction for log entries.
CVE-2024-40796: Adam M.

OpenSSH
Available for: macOS Monterey
Impact: A remote attacker may be able to cause arbitrary code execution
Description: This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org.
CVE-2024-6387

PackageKit
Available for: macOS Monterey
Impact: A local attacker may be able to elevate their privileges
Description: The issue was addressed with improved checks.
CVE-2024-40781: Mickey Jin (@patch1t)
CVE-2024-40802: Mickey Jin (@patch1t)

PackageKit
Available for: macOS Monterey
Impact: An app may be able to access user-sensitive data
Description: The issue was addressed with improved checks.
CVE-2024-40823: Zhongquan Li (@Guluisacat) from Dawn Security Lab of JingDong

PackageKit
Available for: macOS Monterey
Impact: An app may be able to modify protected parts of the file system
Description: A permissions issue was addressed with additional restrictions.
CVE-2024-27882: Mickey Jin (@patch1t)
CVE-2024-27883: Csaba Fitzl (@theevilbit) of Kandji and Mickey Jin (@patch1t)

Restore Framework
Available for: macOS Monterey
Impact: An app may be able to modify protected parts of the file system
Description: An input validation issue was addressed with improved input validation.
CVE-2024-40800: Claudio Bozzato and Francesco Benvenuto of Cisco Talos

RTKit
Available for: macOS Monterey
Impact: An attacker with arbitrary kernel read and write capability may be able to bypass kernel memory protections. Apple is aware of a report that this issue may have been exploited.
Description: A memory corruption issue was addressed with improved validation.
CVE-2024-23296

Safari
Available for: macOS Monterey
Impact: Visiting a website that frames malicious content may lead to UI spoofing
Description: The issue was addressed with improved UI handling.
CVE-2024-40817: Yadhu Krishna M and Narendra Bhati, Manager of Cyber Security At Suma Soft Pvt. Ltd, Pune (India)

Scripting Bridge
Available for: macOS Monterey
Impact: An app may be able to access information about a user’s contacts
Description: A privacy issue was addressed with improved private data redaction for log entries.
CVE-2024-27881: Kirin (@Pwnrin)

Security
Available for: macOS Monterey
Impact: Third party app extensions may not receive the correct sandbox restrictions
Description: An access issue was addressed with additional sandbox restrictions.
CVE-2024-40821: Joshua Jones

Security
Available for: macOS Monterey
Impact: An app may be able to read Safari's browsing history
Description: This issue was addressed with improved redaction of sensitive information.
CVE-2024-40798: Adam M.

Shortcuts
Available for: macOS Monterey
Impact: A shortcut may be able to use sensitive data with certain actions without prompting the user
Description: A logic issue was addressed with improved checks.
CVE-2024-40833: an anonymous researcher
CVE-2024-40835: an anonymous researcher
CVE-2024-40807: an anonymous researcher

Shortcuts
Available for: macOS Monterey
Impact: A shortcut may be able to bypass sensitive Shortcuts app settings
Description: This issue was addressed by adding an additional prompt for user consent.
CVE-2024-40834: Marcio Almeida from Tanto Security

Shortcuts
Available for: macOS Monterey
Impact: A shortcut may be able to bypass Internet permission requirements
Description: This issue was addressed by adding an additional prompt for user consent.
CVE-2024-40787: an anonymous researcher

Shortcuts
Available for: macOS Monterey
Impact: An app may be able to access user-sensitive data
Description: This issue was addressed by removing the vulnerable code.
CVE-2024-40793: Kirin (@Pwnrin)

Shortcuts
Available for: macOS Monterey
Impact: A shortcut may be able to bypass Internet permission requirements
Description: A logic issue was addressed with improved checks.
CVE-2024-40809: an anonymous researcher
CVE-2024-40812: an anonymous researcher

Time Zone
Available for: macOS Monterey
Impact: An attacker may be able to read information belonging to another user
Description: A logic issue was addressed with improved state management.
CVE-2024-23261: Matthew Loewen