APPLE-SA-10-28-2024-7 tvOS 18.1

tvOS 18.1

tvOS 18.1 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/121569.

Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.

App Support
Available for: Apple TV HD and Apple TV 4K (all models)
Impact: A malicious app may be able to run arbitrary shortcuts without user consent
Description: A path handling issue was addressed with improved logic.
CVE-2024-44255: an anonymous researcher

CoreMedia Playback
Available for: Apple TV HD and Apple TV 4K (all models)
Impact: A malicious app may be able to access private information
Description: This issue was addressed with improved handling of symlinks.
CVE-2024-44273: pattern-f (@pattern_F_), Hikerell of Loadshine Lab

CoreText
Available for: Apple TV HD and Apple TV 4K (all models)
Impact: Processing a maliciously crafted font may result in the disclosure of process memory
Description: The issue was addressed with improved checks.
CVE-2024-44240: Hossein Lotfi (@hosselot) of Trend Micro Zero Day Initiative
CVE-2024-44302: Hossein Lotfi (@hosselot) of Trend Micro Zero Day Initiative

Foundation
Available for: Apple TV HD and Apple TV 4K (all models)
Impact: Parsing a file may lead to disclosure of user information
Description: An out-of-bounds read was addressed with improved input validation.
CVE-2024-44282: Hossein Lotfi (@hosselot) of Trend Micro Zero Day Initiative

ImageIO
Available for: Apple TV HD and Apple TV 4K (all models)
Impact: Processing an image may result in disclosure of process memory
Description: This issue was addressed with improved checks.
CVE-2024-44215: Junsung Lee working with Trend Micro Zero Day Initiative

ImageIO
Available for: Apple TV HD and Apple TV 4K (all models)
Impact: Processing a maliciously crafted message may lead to a denial-of-service
Description: The issue was addressed with improved bounds checks.
CVE-2024-44297: Jex Amro

IOSurface
Available for: Apple TV HD and Apple TV 4K (all models)
Impact: An app may be able to cause unexpected system termination or corrupt kernel memory
Description: A use-after-free issue was addressed with improved memory management.
CVE-2024-44285: an anonymous researcher

Kernel
Available for: Apple TV HD and Apple TV 4K (all models)
Impact: An app may be able to leak sensitive kernel state
Description: An information disclosure issue was addressed with improved private data redaction for log entries.
CVE-2024-44239: Mateusz Krzywicki (@krzywix)

Managed Configuration
Available for: Apple TV HD and Apple TV 4K (all models)
Impact: Restoring a maliciously crafted backup file may lead to modification of protected system files
Description: This issue was addressed with improved handling of symlinks.
CVE-2024-44258: Hichem Maloufi, Christian Mina, Ismail Amzdak

MobileBackup
Available for: Apple TV HD and Apple TV 4K (all models)
Impact: Restoring a maliciously crafted backup file may lead to modification of protected system files
Description: A logic issue was addressed with improved file handling.
CVE-2024-44252: Nimrat Khalsa, Davis Dai, James Gill (@jjtech@infosec.exchange)

Pro Res
Available for: Apple TV HD and Apple TV 4K (all models)
Impact: An app may be able to cause unexpected system termination or corrupt kernel memory
Description: The issue was addressed with improved memory handling.
CVE-2024-44277: an anonymous researcher and Yinyi Wu(@_3ndy1) from Dawn Security Lab of JD.com, Inc.

WebKit
Available for: Apple TV HD and Apple TV 4K (all models)
Impact: Processing maliciously crafted web content may prevent Content Security Policy from being enforced
Description: The issue was addressed with improved checks.
WebKit Bugzilla: 278765
CVE-2024-44296: Narendra Bhati, Manager of Cyber Security at Suma Soft Pvt. Ltd, Pune (India)

WebKit
Available for: Apple TV HD and Apple TV 4K (all models)
Impact: Processing maliciously crafted web content may lead to an unexpected process crash
Description: A memory corruption issue was addressed with improved input validation.
WebKit Bugzilla: 279780
CVE-2024-44244: an anonymous researcher, Q1IQ (@q1iqF) and P1umer (@p1umer)

Additional recognition

ImageIO
We would like to acknowledge Amir Bazine and Karsten König of CrowdStrike Counter Adversary Operations, an anonymous researcher for their assistance.

NetworkExtension
We would like to acknowledge Patrick Wardle of DoubleYou & the Objective-See Foundation for their assistance.

Photos
We would like to acknowledge James Robertson for their assistance.

Security
We would like to acknowledge Bing Shi, Wenchao Li and Xiaolong Bai of Alibaba Group for their assistance.

Apple TV will periodically check for software updates. Alternatively, you may manually check for software updates by selecting "Settings -> System -> Software Update -> Update Software." To check the current version of software, select "Settings -> General -> About."

All information is also posted on the Apple Security Releases web site: https://support.apple.com/100100.

This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/