About the security content of macOS Sierra 10.12.6, Security Update 2017-003 El Capitan, and Security Update 2017-003 Yosemite

This document describes the security content of macOS Sierra 10.12.6, Security Update 2017-003 El Capitan, and Security Update 2017-003 Yosemite.

About Apple security updates

For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page.

For more information about security, see the Apple Product Security page. You can encrypt communications with Apple using the Apple Product Security PGP Key.

Apple security documents reference vulnerabilities by CVE-ID when possible.

macOS Sierra 10.12.6, Security Update 2017-003 El Capitan, and Security Update 2017-003 Yosemite

Released July 19, 2017

afclip

Available for: macOS Sierra 10.12.5

Impact: Processing a maliciously crafted audio file may lead to arbitrary code execution

Description: A memory corruption issue was addressed through improved input validation.

CVE-2017-7016: riusksk (泉哥) of Tencent Security Platform Department

afclip

Available for: macOS Sierra 10.12.5

Impact: Processing a maliciously crafted audio file may lead to arbitrary code execution

Description: A memory corruption issue was addressed with improved memory handling.

CVE-2017-7033: riusksk (泉哥) of Tencent Security Platform Department

AppleGraphicsControl

Available for: macOS Sierra 10.12.5, OS X El Capitan 10.11.6, and OS X Yosemite 10.10.5

Impact: An application may be able to execute arbitrary code with kernel privileges

Description: A memory corruption issue was addressed with improved memory handling.

CVE-2017-13853: shrek_wzw from Qihoo 360 NirvanTeam

Entry added November 2, 2017

AppleGraphicsPowerManagement

Available for: macOS Sierra 10.12.5, OS X El Capitan 10.11.6, and OS X Yosemite 10.10.5

Impact: An application may be able to execute arbitrary code with system privileges

Description: A memory corruption issue was addressed with improved memory handling.

CVE-2017-7021: sss and Axis of Qihoo 360 Nirvan Team

Audio

Available for: macOS Sierra 10.12.5

Impact: Processing a maliciously crafted audio file may disclose restricted memory

Description: A memory corruption issue was addressed with improved memory handling.

CVE-2017-7015: riusksk (泉哥) of Tencent Security Platform Department

Bluetooth

Available for: macOS Sierra 10.12.5

Impact: An application may be able to execute arbitrary code with system privileges

Description: A memory corruption issue was addressed with improved memory handling.

CVE-2017-7050: Min (Spark) Zheng of Alibaba Inc.

CVE-2017-7051: Alex Plaskett of MWR InfoSecurity

Bluetooth

Available for: macOS Sierra 10.12.5

Impact: An application may be able to execute arbitrary code with kernel privileges

Description: A memory corruption issue was addressed with improved memory handling.

CVE-2017-7054: Alex Plaskett of MWR InfoSecurity, Lufeng Li of Qihoo 360 Vulcan Team

Contacts

Available for: macOS Sierra 10.12.5

Impact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution

Description: A buffer overflow issue was addressed through improved memory handling.

CVE-2017-7062: Shashank (@cyberboyIndia)

CoreAudio

Available for: macOS Sierra 10.12.5

Impact: Processing a maliciously crafted movie file may lead to arbitrary code execution

Description: A memory corruption issue was addressed with improved bounds checking.

CVE-2017-7008: Yangkang (@dnpushme) of Qihoo 360 Qex Team

curl

Available for: macOS Sierra 10.12.5

Impact: Multiple issues in curl

Description: Multiple issues were addressed by updating to version 7.54.0.

CVE-2016-9586

CVE-2016-9594

CVE-2017-2629

CVE-2017-7468

Foundation

Available for: macOS Sierra 10.12.5, OS X El Capitan 10.11.6, and OS X Yosemite 10.10.5

Impact: Processing a maliciously crafted file may lead to arbitrary code execution

Description: A memory corruption issue was addressed through improved input validation.

CVE-2017-7031: HappilyCoded (ant4g0nist and r3dsm0k3)

Font Importer

Available for: macOS Sierra 10.12.5, OS X El Capitan 10.11.6, and OS X Yosemite 10.10.5

Impact: Processing a maliciously crafted font may result in the disclosure of process memory

Description: A memory corruption issue was addressed through improved input validation.

CVE-2017-13850: John Villamil, Doyensec

Entry added October 31, 2017

Intel Graphics Driver

Available for: macOS Sierra 10.12.5

Impact: An application may be able to execute arbitrary code with system privileges

Description: A memory corruption issue was addressed with improved memory handling.

CVE-2017-7014: Lee of Minionz, Axis and sss of Qihoo 360 Nirvan Team

CVE-2017-7017: chenqin of Ant-financial Light-Year Security Lab (蚂蚁金服巴斯光年安全实验室)

CVE-2017-7035: shrek_wzw of Qihoo 360 Nirvan Team

CVE-2017-7044: shrek_wzw of Qihoo 360 Nirvan Team

Intel Graphics Driver

Available for: macOS Sierra 10.12.5

Impact: An application may be able to read restricted memory

Description: A validation issue was addressed with improved input sanitization.

CVE-2017-7036: shrek_wzw of Qihoo 360 Nirvan Team

CVE-2017-7045: shrek_wzw of Qihoo 360 Nirvan Team

IOUSBFamily

Available for: macOS Sierra 10.12.5, OS X El Capitan 10.11.6, and OS X Yosemite 10.10.5

Impact: An application may be able to execute arbitrary code with kernel privileges

Description: A memory corruption issue was addressed with improved memory handling.

CVE-2017-7009: shrek_wzw of Qihoo 360 Nirvan Team

Kernel

Available for: macOS Sierra 10.12.5, OS X El Capitan 10.11.6, and OS X Yosemite 10.10.5

Impact: An application may be able to execute arbitrary code with system privileges

Description: A memory corruption issue was addressed with improved memory handling.

CVE-2017-7022: an anonymous researcher

CVE-2017-7024: an anonymous researcher

Kernel

Available for: macOS Sierra 10.12.5, OS X El Capitan 10.11.6, and OS X Yosemite 10.10.5

Impact: An application may be able to execute arbitrary code with kernel privileges

Description: A memory corruption issue was addressed with improved memory handling.

CVE-2017-7023: an anonymous researcher

Kernel

Available for: macOS Sierra 10.12.5

Impact: An application may be able to execute arbitrary code with kernel privileges

Description: A memory corruption issue was addressed with improved memory handling.

CVE-2017-7025: an anonymous researcher

CVE-2017-7027: an anonymous researcher

CVE-2017-7069: Proteas of Qihoo 360 Nirvan Team

Kernel

Available for: macOS Sierra 10.12.5

Impact: An application may be able to execute arbitrary code with system privileges

Description: A memory corruption issue was addressed with improved memory handling.

CVE-2017-7026: an anonymous researcher

Kernel

Available for: macOS Sierra 10.12.5, OS X El Capitan 10.11.6, and OS X Yosemite 10.10.5

Impact: An application may be able to read restricted memory

Description: A validation issue was addressed with improved input sanitization.

CVE-2017-7028: an anonymous researcher

CVE-2017-7029: an anonymous researcher

Kernel

Available for: macOS Sierra 10.12.5, OS X El Capitan 10.11.6, and OS X Yosemite 10.10.5

Impact: An application may be able to read restricted memory

Description: A validation issue was addressed with improved input sanitization.

CVE-2017-7067: shrek_wzw of Qihoo 360 Nirvan Team

kext tools

Available for: macOS Sierra 10.12.5, OS X El Capitan 10.11.6, and OS X Yosemite 10.10.5

Impact: An application may be able to execute arbitrary code with system privileges

Description: A memory corruption issue was addressed with improved memory handling.

CVE-2017-7032: Axis and sss of Qihoo 360 Nirvan Team

libarchive

Available for: macOS Sierra 10.12.5

Impact: Unpacking a maliciously crafted archive may lead to arbitrary code execution

Description: A buffer overflow was addressed through improved bounds checking.

CVE-2017-7068: found by OSS-Fuzz

libxml2

Available for: macOS Sierra 10.12.5, OS X El Capitan 10.11.6, and OS X Yosemite 10.10.5

Impact: Parsing a maliciously crafted XML document may lead to disclosure of user information

Description: An out-of-bounds read was addressed through improved bounds checking.

CVE-2017-7010: Apple

CVE-2017-7013: found by OSS-Fuzz

libxpc

Available for: macOS Sierra 10.12.5 and OS X El Capitan 10.11.6

Impact: An application may be able to execute arbitrary code with system privileges

Description: A memory corruption issue was addressed with improved memory handling.

CVE-2017-7047: Ian Beer of Google Project Zero

Wi-Fi

Available for: macOS Sierra 10.12.5

Impact: An attacker within range may be able to execute arbitrary code on the Wi-Fi chip

Description: A memory corruption issue was addressed with improved memory handling.

CVE-2017-7065: Gal Beniamini of Google Project Zero

Entry added September 25, 2017

Wi-Fi

Available for: macOS Sierra 10.12.5

Impact: An attacker within range may be able to execute arbitrary code on the Wi-Fi chip

Description: A memory corruption issue was addressed with improved memory handling.

CVE-2017-9417: Nitay Artenstein of Exodus Intelligence

macOS Sierra 10.12.6, Security Update 2017-003 El Capitan, and Security Update 2017-003 Yosemite includes the security content of Safari 10.1.2.

Additional recognition

curl

We would like to acknowledge Dave Murdock of Tangerine Element for their assistance.

Information about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. Contact the vendor for additional information.

Published Date: