Omer Medan

**Name of the Vulnerable Software and Affected Versions** iOS versions prior to 10.3 macOS versions prior to 10.12.4 tvOS versions prior to 10.2 watchOS versions prior to 3.2 **Description** The issue involves symlink mishandling in the `libarchive` component, allowing local users to change arbitrary directory permissions via unspecified vectors. This is related to insufficient access control in the `libarchive` component of the operating systems. **Recommendations** For iOS versions prior to 10.3, update to version 10.3 or later. For macOS versions prior to 10.12.4, update to version 10.12.4 or later. For tvOS versions prior to 10.2, update to version 10.2 or later. For watchOS versions prior to 3.2, update to version 3.2 or later.

**Name of the Vulnerable Software and Affected Versions** iOS versions prior to 10.1 macOS versions prior to 10.12.1 tvOS versions prior to 10.0.1 watchOS versions prior to 3.1 **Description** The issue involves the `libarchive` component and is related to incorrect link resolution before file access. This allows a remote attacker to modify arbitrary files using a specially crafted archive containing a symlink. The estimated number of potentially affected devices worldwide is not specified. **Recommendations** For iOS versions prior to 10.1, update to version 10.1 or later. For macOS versions prior to 10.12.1, update to version 10.12.1 or later. For tvOS versions prior to 10.0.1, update to version 10.0.1 or later. For watchOS versions prior to 3.1, update to version 3.1 or later.