About the security content of macOS Ventura 13.6

This document describes the security content of macOS Ventura 13.6.

About Apple security updates

For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security releases page.

Apple security documents reference vulnerabilities by CVE-ID when possible.

For more information about security, see the Apple Product Security page.

macOS Ventura 13.6

Released September 21, 2023

Apple Neural Engine

Available for: macOS Ventura

Impact: An app may be able to execute arbitrary code with kernel privileges

Description: The issue was addressed with improved memory handling.

CVE-2023-40412: Mohamed GHANNAM (@_simo36)

CVE-2023-40409: Ye Zhang (@VAR10CK) of Baidu Security

Entry added September 26, 2023

Apple Neural Engine

Available for: macOS Ventura

Impact: An app may be able to execute arbitrary code with kernel privileges

Description: A use-after-free issue was addressed with improved memory management.

CVE-2023-41071: Mohamed GHANNAM (@_simo36)

Entry added September 26, 2023

Apple Neural Engine

Available for: macOS Ventura

Impact: An app may be able to disclose kernel memory

Description: An out-of-bounds read was addressed with improved input validation.

CVE-2023-40410: Tim Michaud (@TimGMichaud) of Moveworks.ai

Entry added September 26, 2023

Ask to Buy

Available for: macOS Ventura

Impact: An app may be able to access protected user data

Description: The issue was addressed with improved checks.

CVE-2023-38612: Chris Ross (Zoom)

Entry added December 22, 2023

Biometric Authentication

Available for: macOS Ventura

Impact: An app may be able to disclose kernel memory

Description: An out-of-bounds read was addressed with improved bounds checking.

CVE-2023-41232: Liang Wei of PixiePoint Security

Entry added September 26, 2023

ColorSync

Available for: macOS Ventura

Impact: An app may be able to read arbitrary files

Description: The issue was addressed with improved checks.

CVE-2023-40406: JeongOhKyea of Theori

Entry added September 26, 2023

CoreAnimation

Available for: macOS Ventura

Impact: Processing web content may lead to a denial-of-service

Description: The issue was addressed with improved memory handling.

CVE-2023-40420: 이준성(Junsung Lee) of Cross Republic

Entry added September 26, 2023

Kernel

Available for: macOS Ventura

Impact: An app may be able to execute arbitrary code with kernel privileges

Description: The issue was addressed with improved memory handling.

CVE-2023-41984: Pan ZhenPeng (@Peterpan0927) of STAR Labs SG Pte. Ltd.

Entry added September 26, 2023

Kernel

Available for: macOS Ventura

Impact: An attacker that has already achieved kernel code execution may be able to bypass kernel memory mitigations

Description: The issue was addressed with improved memory handling.

CVE-2023-41981: Linus Henze of Pinauten GmbH (pinauten.de)

Entry added September 26, 2023

Kernel

Available for: macOS Ventura

Impact: A local attacker may be able to elevate their privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7.

Description: The issue was addressed with improved checks.

CVE-2023-41992: Bill Marczak of The Citizen Lab at The University of Toronto's Munk School and Maddie Stone of Google's Threat Analysis Group

libxpc

Available for: macOS Ventura

Impact: An app may be able to access protected user data

Description: An authorization issue was addressed with improved state management.

CVE-2023-41073: Zhipeng Huo (@R3dF09) of Tencent Security Xuanwu Lab (xlab.tencent.com)

Entry added September 26, 2023

libxpc

Available for: macOS Ventura

Impact: An app may be able to delete files for which it does not have permission

Description: A permissions issue was addressed with additional restrictions.

CVE-2023-40454: Zhipeng Huo (@R3dF09) of Tencent Security Xuanwu Lab (xlab.tencent.com)

Entry added September 26, 2023

libxslt

Available for: macOS Ventura

Impact: Processing web content may disclose sensitive information

Description: The issue was addressed with improved memory handling.

CVE-2023-40403: Dohyun Lee (@l33d0hyun) of PK Security

Entry added September 26, 2023

Maps

Available for: macOS Ventura

Impact: An app may be able to read sensitive location information

Description: The issue was addressed with improved handling of caches.

CVE-2023-40427: Adam M., and Wojciech Regula of SecuRing (wojciechregula.blog)

Entry added September 26, 2023

Pro Res

Available for: macOS Ventura

Impact: An app may be able to execute arbitrary code with kernel privileges

Description: The issue was addressed with improved memory handling.

CVE-2023-41063: Certik Skyfall Team

Entry added September 26, 2023

Sandbox

Available for: macOS Ventura

Impact: An app may be able to overwrite arbitrary files

Description: The issue was addressed with improved bounds checks.

CVE-2023-40452: Yiğit Can YILMAZ (@yilmazcanyigit)

Entry added September 26, 2023

Sandbox

Available for: macOS Ventura

Impact: Apps that fail verification checks may still launch

Description: The issue was addressed with improved checks.

CVE-2023-41996: Yiğit Can YILMAZ (@yilmazcanyigit) and Mickey Jin (@patch1t)

Entry added September 26, 2023

Security

Available for: macOS Ventura

Impact: A malicious app may be able to bypass signature validation. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7.

Description: A certificate validation issue was addressed.

CVE-2023-41991: Bill Marczak of The Citizen Lab at The University of Toronto's Munk School and Maddie Stone of Google's Threat Analysis Group

Share Sheet

Available for: macOS Ventura

Impact: An app may be able to access sensitive data logged when a user shares a link

Description: A logic issue was addressed with improved checks.

CVE-2023-41070: Kirin (@Pwnrin)

Entry added September 26, 2023

StorageKit

Available for: macOS Ventura

Impact: An app may be able to read arbitrary files

Description: This issue was addressed with improved validation of symlinks.

CVE-2023-41968: Mickey Jin (@patch1t), James Hutchins

Entry added September 26, 2023

 

Additional recognition

Apple Neural Engine

We would like to acknowledge pattern-f (@pattern_F_) of Ant Security Light-Year Lab for their assistance.

Entry added December 22, 2023

AppSandbox

We would like to acknowledge Kirin (@Pwnrin) for their assistance.

Entry added September 26, 2023

Kernel

We would like to acknowledge Bill Marczak of The Citizen Lab at The University of Toronto's Munk School and Maddie Stone of Google's Threat Analysis Group for their assistance.

libxml2

We would like to acknowledge OSS-Fuzz, and Ned Williamson of Google Project Zero for their assistance.

Entry added September 26, 2023

WebKit

We would like to acknowledge Khiem Tran, and Narendra Bhati From Suma Soft Pvt. Ltd, Pune (India) for their assistance.

Entry added September 26, 2023

WebRTC

We would like to acknowledge anonymous researcher for their assistance.

Entry added September 26, 2023

 

Information about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. Contact the vendor for additional information.

Published Date: