About the security content of tvOS 13
This document describes the security content of tvOS 13.
About Apple security updates
For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page.
Apple security documents reference vulnerabilities by CVE-ID when possible.
For more information about security, see the Apple Product Security page.
tvOS 13
AppleFirmwareUpdateKext
Available for: Apple TV 4K and Apple TV HD
Impact: An application may be able to execute arbitrary code with kernel privileges
Description: A memory corruption vulnerability was addressed with improved locking.
CVE-2019-8747: Mohamed Ghannam (@_simo36)
Audio
Available for: Apple TV 4K and Apple TV HD
Impact: Processing a maliciously crafted audio file may lead to arbitrary code execution
Description: A memory corruption issue was addressed with improved state management.
CVE-2019-8706: Yu Zhou of Ant-Financial Light-Year Security Lab
Audio
Available for: Apple TV 4K and Apple TV HD
Impact: Processing a maliciously crafted audio file may disclose restricted memory
Description: An out-of-bounds read was addressed with improved input validation.
CVE-2019-8850: Anonymous working with Trend Micro Zero Day Initiative
CFNetwork
Available for: Apple TV 4K and Apple TV HD
Impact: Processing maliciously crafted web content may lead to a cross site scripting attack
Description: This issue was addressed with improved checks.
CVE-2019-8753: Łukasz Pilorz of Standard Chartered GBS Poland
CoreAudio
Available for: Apple TV 4K and Apple TV HD
Impact: Playing a malicious audio file may lead to arbitrary code execution
Description: A memory corruption issue was addressed with improved input validation.
CVE-2019-8592: riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative
CoreCrypto
Available for: Apple TV 4K and Apple TV HD
Impact: Processing a large input may lead to a denial of service
Description: A denial of service issue was addressed with improved input validation.
CVE-2019-8741: Nicky Mouha of NIST
CoreAudio
Available for: Apple TV 4K and Apple TV HD
Impact: Processing a maliciously crafted movie may result in the disclosure of process memory
Description: A memory corruption issue was addressed with improved validation.
CVE-2019-8705: riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative
Foundation
Available for: Apple TV 4K and Apple TV HD
Impact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution
Description: An out-of-bounds read was addressed with improved input validation.
CVE-2019-8746: natashenka and Samuel Groß of Google Project Zero
IOUSBDeviceFamily
Available for: Apple TV 4K and Apple TV HD
Impact: An application may be able to execute arbitrary code with kernel privileges
Description: A memory corruption issue was addressed with improved memory handling.
CVE-2019-8718: Joshua Hill and Sem Voigtländer
Kernel
Available for: Apple TV 4K and Apple TV HD
Impact: An application may be able to gain elevated privileges
Description: This issue was addressed with improved entitlements.
CVE-2019-8703: an anonymous researcher
Kernel
Available for: Apple TV 4K and Apple TV HD
Impact: An application may be able to execute arbitrary code with kernel privileges
Description: A memory corruption vulnerability was addressed with improved locking.
CVE-2019-8740: Mohamed Ghannam (@_simo36)
Kernel
Available for: Apple TV 4K and Apple TV HD
Impact: A local app may be able to read a persistent account identifier
Description: A validation issue was addressed with improved logic.
CVE-2019-8809: Apple
Kernel
Available for: Apple TV 4K and Apple TV HD
Impact: An application may be able to execute arbitrary code with system privileges
Description: A memory corruption issue was addressed with improved memory handling.
CVE-2019-8712: Mohamed Ghannam (@_simo36)
Kernel
Available for: Apple TV 4K and Apple TV HD
Impact: A malicious application may be able to determine kernel memory layout
Description: A memory corruption issue existed in the handling of IPv6 packets. This issue was addressed with improved memory management.
CVE-2019-8744: Zhuo Liang of Qihoo 360 Vulcan Team
Kernel
Available for: Apple TV 4K and Apple TV HD
Impact: An application may be able to execute arbitrary code with kernel privileges
Description: A memory corruption issue was addressed with improved state management.
CVE-2019-8709: derrek (@derrekr6) derrek (@derrekr6)
Kernel
Available for: Apple TV 4K and Apple TV HD
Impact: An application may be able to execute arbitrary code with kernel privileges
Description: A memory corruption issue was addressed with improved memory handling.
CVE-2019-8717: Jann Horn of Google Project Zero
Kernel
Available for: Apple TV 4K and Apple TV HD
Impact: A malicious application may be able to determine kernel memory layout
Description: The issue was addressed with improved permissions logic.
CVE-2019-8780: Siguza
Keyboards
Available for: Apple TV 4K and Apple TV HD
Impact: A local user may be able to leak sensitive user information
Description: An authentication issue was addressed with improved state management.
CVE-2019-8704: 王 邦 宇 (wAnyBug.Com) of SAINTSEC
libxml2
Available for: Apple TV 4K and Apple TV HD
Impact: Multiple issues in libxml2
Description: Multiple memory corruption issues were addressed with improved input validation.
CVE-2019-8749: found by OSS-Fuzz
CVE-2019-8756: found by OSS-Fuzz
libxslt
Available for: Apple TV 4K and Apple TV HD
Impact: Multiple issues in libxslt
Description: Multiple memory corruption issues were addressed with improved input validation.
CVE-2019-8750: found by OSS-Fuzz
mDNSResponder
Available for: Apple TV 4K and Apple TV HD
Impact: An attacker in physical proximity may be able to passively observe device names in AWDL communications
Description: This issue was resolved by replacing device names with a random identifier.
CVE-2019-8799: David Kreitschmann and Milan Stute of Secure Mobile Networking Lab at Technische Universität Darmstadt
UIFoundation
Available for: Apple TV 4K and Apple TV HD
Impact: Processing a maliciously crafted text file may lead to arbitrary code execution
Description: A buffer overflow was addressed with improved bounds checking.
CVE-2019-8745: riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative
UIFoundation
Available for: Apple TV 4K and Apple TV HD
Impact: An application may be able to execute arbitrary code with system privileges
Description: A memory corruption issue was addressed with improved memory handling.
CVE-2019-8831: riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative
WebKit
Available for: Apple TV 4K and Apple TV HD
Impact: Processing maliciously crafted web content may lead to universal cross site scripting
Description: A logic issue was addressed with improved state management.
CVE-2019-8625: Sergei Glazunov of Google Project Zero
CVE-2019-8719: Sergei Glazunov of Google Project Zero
CVE-2019-8764: Sergei Glazunov of Google Project Zero
WebKit
Available for: Apple TV 4K and Apple TV HD
Impact: Processing maliciously crafted web content may lead to arbitrary code execution
Description: Multiple memory corruption issues were addressed with improved memory handling.
CVE-2019-8707: an anonymous researcher working with Trend Micro's Zero Day Initiative, cc working with Trend Micro Zero Day Initiative
CVE-2019-8710: found by OSS-Fuzz
CVE-2019-8726: Jihui Lu of Tencent KeenLab
CVE-2019-8728: Junho Jang of LINE Security Team and Hanul Choi of ABLY Corporation
CVE-2019-8733: Sergei Glazunov of Google Project Zero
CVE-2019-8734: found by OSS-Fuzz
CVE-2019-8735: G. Geshev working with Trend Micro Zero Day Initiative
CVE-2019-8743: zhunki from Codesafe Team of Legendsec at Qi'anxin Group
CVE-2019-8751: Dongzhuo Zhao working with ADLab of Venustech
CVE-2019-8752: Dongzhuo Zhao working with ADLab of Venustech
CVE-2019-8763: Sergei Glazunov of Google Project Zero
CVE-2019-8765: Samuel Groß of Google Project Zero
CVE-2019-8766: found by OSS-Fuzz
CVE-2019-8773: found by OSS-Fuzz
WebKit
Available for: Apple TV 4K and Apple TV HD
Impact: Processing maliciously crafted web content may lead to universal cross site scripting
Description: A validation issue was addressed with improved logic.
CVE-2019-8762: Sergei Glazunov of Google Project Zero
WebKit
Available for: Apple TV 4K and Apple TV HD
Impact: Processing maliciously crafted web content may lead to arbitrary code execution
Description: A memory corruption issue was addressed with improved validation.
CVE-2020-9932: Dongzhuo Zhao working with ADLab of Venustech
Wi-Fi
Available for: Apple TV 4K and Apple TV HD
Impact: A device may be passively tracked by its Wi-Fi MAC address
Description: A user privacy issue was addressed by removing the broadcast MAC address.
CVE-2019-8854: Ta-Lun Yen of UCCU Hacker and FuriousMacTeam of the United States Naval Academy and the Mitre Cooperation
Additional recognition
Audio
We would like to acknowledge riusksk of VulWar Corp working with Trend Micro's Zero Day Initiative for their assistance.
boringssl
We would like to acknowledge Nimrod Aviram of Tel Aviv University, Robert Merget of Ruhr University Bochum, Juraj Somorovsky of Ruhr University Bochum, Thijs Alkemade (@xnyhps) of Computest for their assistance.
HomeKit
We would like to acknowledge Tian Zhang for their assistance.
Kernel
We would like to acknowledge Brandon Azad of Google Project Zero, Vlad Tsyrklevich for their assistance.
Keyboard
We would like to acknowledge Sara Haradhvala of Harlen Web Consulting, an anonymous researcher for their assistance.
mDNSResponder
We would like to acknowledge Gregor Lang of e.solutions GmbH for their assistance.
Profiles
We would like to acknowledge Erik Johnson of Vernon Hills High School, James Seeley (@Code4iOS) of Shriver Job Corps, James Seeley (@Code4iOS) of Shriver Job Corps for their assistance.
WebKit
We would like to acknowledge MinJeong Kim of Information Security Lab, Chungnam National University, JaeCheol Ryou of the Information Security Lab, Chungnam National University in South Korea, Yiğit Can YILMAZ (@yilmazcanyigit), Zhihua Yao of DBAPPSecurity Zion Lab, an anonymous researcher, cc working with Trend Micro's Zero Day Initiative for their assistance.
Entry added October 8, 2019, updated October 29, 2019
Information about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. Contact the vendor for additional information.