About the security content of watchOS 2

This document describes the security content of watchOS 2.

For the protection of our customers, Apple does not disclose, discuss, or confirm security issues until a full investigation has occurred and any necessary patches or releases are available. To learn more about Apple Product Security, see the Apple Product Security website.

For information about the Apple Product Security PGP Key, see How to use the Apple Product Security PGP Key.

Where possible, CVE IDs are used to reference the vulnerabilities for further information.

To learn about other Security Updates, see Apple Security Updates.

watchOS 2

  • Apple Pay

    Available for: Apple Watch Sport, Apple Watch, and Apple Watch Edition

    Impact: Some cards may allow a terminal to retrieve limited recent transaction information when making a payment

    Description: The transaction log functionality was enabled in certain configurations. This issue was addressed by removing the transaction log functionality.

    CVE-ID

    CVE-2015-5916

  • Audio

    Available for: Apple Watch Sport, Apple Watch, and Apple Watch Edition

    Impact: Playing a malicious audio file may lead to an unexpected application termination

    Description: A memory corruption issue existed in the handling of audio files. This issue issue was addressed through improved memory handling.

    CVE-ID

    CVE-2015-5862 : YoungJin Yoon of Information Security Lab. (Adv.: Prof. Taekyoung Kwon), Yonsei University, Seoul, Korea

  • Certificate Trust Policy

    Available for: Apple Watch Sport, Apple Watch, and Apple Watch Edition

    Impact: Update to the certificate trust policy

    Description: The certificate trust policy was updated. The complete list of certificates may be viewed at https://support.apple.com/kb/HT204873.

  • CFNetwork

    Available for: Apple Watch Sport, Apple Watch, and Apple Watch Edition

    Impact: An attacker with a privileged network position may intercept SSL/TLS connections

    Description: A certificate validation issue existed in NSURL when a certificate changed. This issue was addressed through improved certificate validation.

    CVE-ID

    CVE-2015-5824 : Timothy J. Wood of The Omni Group

  • CFNetwork

    Available for: Apple Watch Sport, Apple Watch, and Apple Watch Edition

    Impact: Connecting to a malicious web proxy may set malicious cookies for a website

    Description: An issue existed in the handling of proxy connect responses. This issue was addressed by removing the set-cookie header while parsing the connect response.

    CVE-ID

    CVE-2015-5841 : Xiaofeng Zheng of Blue Lotus Team, Tsinghua University

  • CFNetwork

    Available for: Apple Watch Sport, Apple Watch, and Apple Watch Edition

    Impact: An attacker in a privileged network position can track a user's activity

    Description: A cross-domain cookie issue existed in the handling of top level domains. The issue was addressed through improved restrictions of cookie creation.

    CVE-ID

    CVE-2015-5885 : Xiaofeng Zheng of Blue Lotus Team, Tsinghua University

  • CFNetwork

    Available for: Apple Watch Sport, Apple Watch, and Apple Watch Edition

    Impact: A person with physical access to an iOS device may read cache data from Apple apps

    Description: Cache data was encrypted with a key protected only by the hardware UID. This issue was addressed by encrypting the cache data with a key protected by the hardware UID and the user's passcode.

    CVE-ID

    CVE-2015-5898 : Andreas Kurtz of NESO Security Labs

  • CoreCrypto

    Available for: Apple Watch Sport, Apple Watch, and Apple Watch Edition

    Impact: An attacker may be able to determine a private key

    Description: By observing many signing or decryption attempts, an attacker may have been able to determine the RSA private key. This issue was addressed using improved encryption algorithms.

  • CoreText

    Available for: Apple Watch Sport, Apple Watch, and Apple Watch Edition

    Impact: Processing a maliciously crafted font file may lead to arbitrary code execution

    Description: A memory corruption issue existed in the processing of font files. This issue was addressed through improved input validation.

    CVE-ID

    CVE-2015-5874 : John Villamil (@day6reak), Yahoo Pentest Team

  • Data Detectors Engine

    Available for: Apple Watch Sport, Apple Watch, and Apple Watch Edition

    Impact: Processing a maliciously crafted text file may lead to arbitrary code execution

    Description: Memory corruption issues existed in the processing of text files. These issues were addressed through improved bounds checking.

    CVE-ID

    CVE-2015-5829 : M1x7e1 of Safeye Team (www.safeye.org)

  • Dev Tools

    Available for: Apple Watch Sport, Apple Watch, and Apple Watch Edition

    Impact: A malicious application may be able to execute arbitrary code with system privileges

    Description: A memory corruption issue existed in dyld. This was addressed through improved memory handling.

    CVE-ID

    CVE-2015-5876 : beist of grayhash

  • Disk Images

    Available for: Apple Watch Sport, Apple Watch, and Apple Watch Edition

    Impact: A local user may be able to execute arbitrary code with system privileges

    Description: A memory corruption issue existed in DiskImages. This issue was addressed through improved memory handling.

    CVE-ID

    CVE-2015-5847 : Filippo Bigarella, Luca Todesco

  • dyld

    Available for: Apple Watch Sport, Apple Watch, and Apple Watch Edition

    Impact: An application may be able to bypass code signing

    Description: An issue existed with validation of the code signature of executables. This issue was addressed through improved bounds checking.

    CVE-ID

    CVE-2015-5839 : @PanguTeam, TaiG Jailbreak Team

  • GasGauge

    Available for: Apple Watch Sport, Apple Watch, and Apple Watch Edition

    Impact: A local user may be able to execute arbitrary code with kernel privileges

    Description: Multiple memory corruption issues existed in the kernel. These issues were addressed through improved memory handling.

    CVE-ID

    CVE-2015-5918 : Apple

    CVE-2015-5919 : Apple

  • ICU

    Available for: Apple Watch Sport, Apple Watch, and Apple Watch Edition

    Impact: Multiple vulnerabilities in ICU

    Description: Multiple vulnerabilities existed in ICU versions prior to 53.1.0. These issues were addressed by updating ICU to version 55.1.

    CVE-ID

    CVE-2014-8146 : Marc Deslauriers

    CVE-2014-8147 : Marc Deslauriers

    CVE-2015-5922 : Mark Brand of Google Project Zero

  • IOAcceleratorFamily

    Available for: Apple Watch Sport, Apple Watch, and Apple Watch Edition

    Impact: A malicious application may be able to determine kernel memory layout

    Description: An issue existed that led to the disclosure of kernel memory content. This issue was addressed through improved bounds checking.

    CVE-ID

    CVE-2015-5834 : Cererdlong of Alibaba Mobile Security Team

  • IOAcceleratorFamily

    Available for: Apple Watch Sport, Apple Watch, and Apple Watch Edition

    Impact: A local user may be able to execute arbitrary code with system privileges

    Description: A memory corruption issue existed in IOAcceleratorFamily. This issue was addressed through improved memory handling.

    CVE-ID

    CVE-2015-5848 : Filippo Bigarella

  • IOKit

    Available for: Apple Watch Sport, Apple Watch, and Apple Watch Edition

    Impact: A malicious application may be able to execute arbitrary code with system privileges

    Description: A memory corruption issue existed in the kernel. This issue was addressed through improved memory handling.

    CVE-ID

    CVE-2015-5844 : Filippo Bigarella

    CVE-2015-5845 : Filippo Bigarella

    CVE-2015-5846 : Filippo Bigarella

  • IOMobileFrameBuffer

    Available for: Apple Watch Sport, Apple Watch, and Apple Watch Edition

    Impact: A local user may be able to execute arbitrary code with system privileges

    Description: A memory corruption issue existed in IOMobileFrameBuffer. This issue was addressed through improved memory handling.

    CVE-ID

    CVE-2015-5843 : Filippo Bigarella

  • IOStorageFamily

    Available for: Apple Watch Sport, Apple Watch, and Apple Watch Edition

    Impact: A local attacker may be able to read kernel memory

    Description: A memory initialization issue existed in the kernel. This issue was addressed through improved memory handling.

    CVE-ID

    CVE-2015-5863 : Ilja van Sprundel of IOActive

  • Kernel

    Available for: Apple Watch Sport, Apple Watch, and Apple Watch Edition

    Impact: A local user may be able to execute arbitrary code with kernel privileges

    Description: A memory corruption issue existed in the kernel. This issue was addressed through improved memory handling.

    CVE-ID

    CVE-2015-5868 : Cererdlong of Alibaba Mobile Security Team

    CVE-2015-5896 : Maxime Villard of m00nbsd

    CVE-2015-5903 : CESG

  • Kernel

    Available for: Apple Watch Sport, Apple Watch, and Apple Watch Edition

    Impact: A local attacker may control the value of stack cookies

    Description: Multiple weaknesses existed in the generation of user space stack cookies. This was addressed through improved generation of stack cookies.

    CVE-ID

    CVE-2013-3951 : Stefan Esser

  • Kernel

    Available for: Apple Watch Sport, Apple Watch, and Apple Watch Edition

    Impact: A local process can modify other processes without entitlement checks

    Description: An issue existed where root processes using the processor_set_tasks API were allowed to retrieve the task ports of other processes. This issue was addressed through added entitlement checks.

    CVE-ID

    CVE-2015-5882 : Pedro Vilaça, working from original research by Ming-chieh Pan and Sung-ting Tsai; Jonathan Levin

  • Kernel

    Available for: Apple Watch Sport, Apple Watch, and Apple Watch Edition

    Impact: An attacker in a local LAN segment may disable IPv6 routing

    Description: An insufficient validation issue existed in handling of IPv6 router advertisements that allowed an attacker to set the hop limit to an arbitrary value. This issue was addressed by enforcing a minimum hop limit.

    CVE-ID

    CVE-2015-5869 : Dennis Spindel Ljungmark

  • Kernel

    Available for: Apple Watch Sport, Apple Watch, and Apple Watch Edition

    Impact: A local user may be able to determine kernel memory layout

    Description: An issue existed in XNU that led to the disclosure of kernel memory. This was addressed through improved initialization of kernel memory structures.

    CVE-ID

    CVE-2015-5842 : beist of grayhash

  • Kernel

    Available for: Apple Watch Sport, Apple Watch, and Apple Watch Edition

    Impact: A local user may be able to cause a system denial of service

    Description: An issue existed in HFS drive mounting. This was addressed by additional validation checks.

    CVE-ID

    CVE-2015-5748 : Maxime Villard of m00nbsd

  • libpthread

    Available for: Apple Watch Sport, Apple Watch, and Apple Watch Edition

    Impact: A local user may be able to execute arbitrary code with kernel privileges

    Description: A memory corruption issue existed in the kernel. This issue was addressed through improved memory handling.

    CVE-ID

    CVE-2015-5899 : Lufeng Li of Qihoo 360 Vulcan Team

  • PluginKit

    Available for: Apple Watch Sport, Apple Watch, and Apple Watch Edition

    Impact: A malicious enterprise application can install extensions before the application has been trusted

    Description: An issue existed in the validation of extensions during installation. This was addressed through improved app verification.

    CVE-ID

    CVE-2015-5837 : Zhaofeng Chen, Hui Xue, and Tao (Lenx) Wei of FireEye, Inc.

  • removefile

    Available for: Apple Watch Sport, Apple Watch, and Apple Watch Edition

    Impact: Processing malicious data may lead to unexpected application termination

    Description: An overflow fault existed in the checkint division routines. This issue was addressed with improved division routines.

    CVE-ID

    CVE-2015-5840 : an anonymous researcher

  • SQLite

    Available for: Apple Watch Sport, Apple Watch, and Apple Watch Edition

    Impact: Multiple vulnerabilities in SQLite v3.8.5

    Description: Multiple vulnerabilities existed in SQLite v3.8.5. These issues were addressed by updating SQLite to version 3.8.10.2.

    CVE-ID

    CVE-2015-3414

    CVE-2015-3415

    CVE-2015-3416

  • tidy

    Available for: Apple Watch Sport, Apple Watch, and Apple Watch Edition

    Impact: Visiting a maliciously crafted website may lead to arbitrary code execution

    Description: A memory corruption issue existed in Tidy. This issues was addressed through improved memory handling.

    CVE-ID

    CVE-2015-5522 : Fernando Muñoz of NULLGroup.com

    CVE-2015-5523 : Fernando Muñoz of NULLGroup.com

Information about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. Contact the vendor for additional information.

Published Date: