Ju Zhu

**Name of the Vulnerable Software and Affected Versions** iOS versions prior to 10.2 watchOS versions prior to 3.1.1 **Description** The issue involves the `Accounts` component, which allows local users to bypass intended authorization restrictions. This is achieved by leveraging the mishandling of an app uninstall, effectively exploiting errors in the authorization procedure. **Recommendations** For iOS versions prior to 10.2, update to version 10.2 or later to resolve the issue. For watchOS versions prior to 3.1.1, update to version 3.1.1 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** IOAcceleratorFamily versions prior to 9.3.3 IOAcceleratorFamily in watchOS versions prior to 2.2.2 **Description** The issue is related to the IOAcceleratorFamily component and is caused by a lack of protection for service data. It allows local users to obtain sensitive information from kernel memory or cause a denial of service via unspecified vectors. **Recommendations** For IOAcceleratorFamily in iOS versions prior to 9.3.3, update to version 9.3.3 or later. For IOAcceleratorFamily in watchOS versions prior to 2.2.2, update to version 2.2.2 or later.

**Name of the Vulnerable Software and Affected Versions** Apple iOS versions prior to 9.3.3 Apple tvOS versions prior to 9.2.2 Apple watchOS versions prior to 2.2.2 **Description** The issue is related to errors in pointer dereferencing in the IOAcceleratorFamily component. It can be exploited by a local attacker to gain privileges or cause a denial of service (NULL pointer dereference) via unspecified vectors. **Recommendations** For Apple iOS versions prior to 9.3.3, update to version 9.3.3 or later. For Apple tvOS versions prior to 9.2.2, update to version 9.2.2 or later. For Apple watchOS versions prior to 2.2.2, update to version 2.2.2 or later.

**Name of the Vulnerable Software and Affected Versions** Apple OS X (affected versions not specified) iOS (affected versions not specified) **Description** The issue is caused by a buffer overflow. It may allow a local attacker to elevate privileges or cause a denial of service (memory corruption) using unspecified vectors. **Recommendations** For Apple OS X, at the moment, there is no information about a newer version that contains a fix for this vulnerability. For iOS, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** iOS versions prior to 9.2.1 OS X versions prior to 10.11.3 tvOS versions prior to 9.1.1 **Description** The issue allows local users to gain privileges or cause a denial of service due to memory corruption. It is caused by a buffer overflow in the kernel of the operating systems. **Recommendations** For iOS versions prior to 9.2.1, update to version 9.2.1 or later. For OS X versions prior to 10.11.3, update to version 10.11.3 or later. For tvOS versions prior to 9.1.1, update to version 9.1.1 or later.