About the security content of iOS 15.7.6 and iPadOS 15.7.6

This document describes the security content of iOS 15.7.6 and iPadOS 15.7.6.

About Apple security updates

For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page.

Apple security documents reference vulnerabilities by CVE-ID when possible.

For more information about security, see the Apple Product Security page.

iOS 15.7.6 and iPadOS 15.7.6

Accessibility

Available for: iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)

Impact: An app may be able to bypass Privacy preferences

Description: A privacy issue was addressed with improved private data redaction for log entries.

CVE-2023-32388: Kirin (@Pwnrin)

Apple Neural Engine

Available for devices with Apple Neural Engine: iPhone 8 and later, iPad Pro (3rd generation) and later, iPad Air (3rd generation) and later, and iPad mini (5th generation)

Impact: An app may be able to break out of its sandbox

Description: This issue was addressed with improved checks.

CVE-2023-23532: Mohamed Ghannam (@_simo36)

Apple Neural Engine

Available for devices with Apple Neural Engine: iPhone 8 and later, iPad Pro (3rd generation) and later, iPad Air (3rd generation) and later, and iPad mini (5th generation)

Impact: An app may be able to gain elevated privileges

Description: The issue was addressed with improved memory handling.

CVE-2023-32425: Mohamed Ghannam (@_simo36)

CoreCapture

Available for: iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)

Impact: An app may be able to execute arbitrary code with kernel privileges

Description: The issue was addressed with improved memory handling.

CVE-2023-28181: Tingting Yin of Tsinghua University

ImageIO

Available for: iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)

Impact: Processing an image may lead to arbitrary code execution

Description: A buffer overflow was addressed with improved bounds checking.

CVE-2023-32384: Meysam Firouzi @R00tkitsmm working with Trend Micro Zero Day Initiative

IOSurface

Available for: iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)

Impact: An app may be able to leak sensitive kernel state

Description: An out-of-bounds read was addressed with improved input validation.

CVE-2023-32410: hou xuewei (@p1ay8y3ar) vmk msu

Kernel

Available for: iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)

Impact: A sandboxed app may be able to observe system-wide network connections

Description: The issue was addressed with additional permissions checks.

CVE-2023-27940: James Duffy (mangoSecure)

Kernel

Available for: iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)

Impact: An app may be able to gain root privileges

Description: A race condition was addressed with improved state handling.

CVE-2023-32413: Eloi Benoist-Vanderbeken (@elvanderb) from Synacktiv (@Synacktiv) working with Trend Micro Zero Day Initiative

Kernel

Available for: iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)

Impact: An app may be able to execute arbitrary code with kernel privileges

Description: A use-after-free issue was addressed with improved memory management.

CVE-2023-32398: Adam Doupé of ASU SEFCOM

Metal

Available for: iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)

Impact: An app may be able to bypass Privacy preferences

Description: A logic issue was addressed with improved state management.

CVE-2023-32407: Gergely Kalman (@gergely_kalman)

NetworkExtension

Available for: iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)

Impact: An app may be able to read sensitive location information

Description: This issue was addressed with improved redaction of sensitive information.

CVE-2023-32403: Adam M.

Photos

Available for: iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)

Impact: Shake-to-undo may allow a deleted photo to be re-surfaced without authentication

Description: The issue was addressed with improved checks.

CVE-2023-32365: Jiwon Park

Shell

Available for: iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)

Impact: An app may be able to modify protected parts of the file system

Description: A logic issue was addressed with improved state management.

CVE-2023-32397: Arsenii Kostromin (0x3c3e)

Shortcuts

Available for: iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)

Impact: A shortcut may be able to use sensitive data with certain actions without prompting the user

Description: The issue was addressed with improved checks.

CVE-2023-32391: Wenchao Li and Xiaolong Bai of Alibaba Group

Telephony

Available for: iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)

Impact: A remote attacker may be able to cause unexpected app termination or arbitrary code execution

Description: A use-after-free issue was addressed with improved memory management.

CVE-2023-32412: Ivan Fratric of Google Project Zero

TV App

Available for: iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)

Impact: An app may be able to read sensitive location information

Description: The issue was addressed with improved handling of caches.

CVE-2023-32408: Adam M.

WebKit

Available for: iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)

Impact: Processing web content may disclose sensitive information. Apple is aware of a report that this issue may have been actively exploited.

Description: An out-of-bounds read was addressed with improved input validation.

CVE-2023-28204: an anonymous researcher

WebKit

Available for: iPhone 6s (all models), iPhone 7 (all models), iPhone SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod touch (7th generation)

Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.

Description: A use-after-free issue was addressed with improved memory management.

CVE-2023-32373: an anonymous researcher

Additional recognition

libxml2

We would like to acknowledge OSS-Fuzz, Ned Williamson of Google Project Zero for their assistance.

Reminders

We would like to acknowledge Kirin (@Pwnrin) for their assistance.

Security

We would like to acknowledge James Duffy (mangoSecure) for their assistance.

Wi-Fi

We would like to acknowledge Adam M. for their assistance.