Jzhu

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to 13.3 Studio Display Firmware versions prior to 16.4 **Description** A memory corruption issue was addressed with improved state management, allowing an app to potentially execute arbitrary code with kernel privileges. **Recommendations** For macOS versions prior to 13.3, update to macOS Ventura 13.3 to resolve the issue. For Studio Display Firmware versions prior to 16.4, apply the Studio Display Firmware Update 16.4 to fix the problem.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to 13.3 tvOS versions prior to 16.4 iOS versions prior to 16.4 iPadOS versions prior to 16.4 watchOS versions prior to 9.4 **Description** The issue is related to an out-of-bounds read in memory, which may allow a remote attacker to disclose protected information. This can occur when processing an image, potentially resulting in the disclosure of process memory. **Recommendations** For macOS versions prior to 13.3, update to macOS Ventura 13.3 to resolve the issue. For tvOS versions prior to 16.4, update to tvOS 16.4 to resolve the issue. For iOS versions prior to 16.4, update to iOS 16.4 to resolve the issue. For iPadOS versions prior to 16.4, update to iPadOS 16.4 to resolve the issue. For watchOS versions prior to 9.4, update to watchOS 9.4 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to 13.3 tvOS versions prior to 16.4 iOS versions prior to 16.4 iPadOS versions prior to 16.4 watchOS versions prior to 9.4 **Description** An out-of-bounds read issue was addressed with improved input validation. Processing a maliciously crafted image may result in disclosure of process memory. **Recommendations** For macOS versions prior to 13.3, update to macOS Ventura 13.3. For tvOS versions prior to 16.4, update to tvOS 16.4. For iOS versions prior to 16.4, update to iOS 16.4. For iPadOS versions prior to 16.4, update to iPadOS 16.4. For watchOS versions prior to 9.4, update to watchOS 9.4.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to 13.3 **Description** An out-of-bounds read issue was addressed with improved input validation. Processing an image may result in disclosure of process memory. This issue may allow an attacker to gain unauthorized access to protected information. **Recommendations** For versions prior to 13.3, update to macOS Ventura 13.3 to resolve the issue. As a temporary workaround, consider avoiding the processing of images from untrusted sources until the update is applied.

**Name of the Vulnerable Software and Affected Versions** Apple iOS versions prior to 15.1 Apple iPadOS versions prior to 15.1 Apple macOS versions prior to Monterey 12.0.1 Apple macOS versions prior to Big Sur 11.6.1 Apple tvOS versions prior to 15.1 Apple watchOS versions prior to 8.1 Apple macOS Catalina versions prior to Security Update 2021-007 Apple iOS versions prior to 14.8.1 Apple iPadOS versions prior to 14.8.1 **Description** An out-of-bounds write issue was addressed with improved input validation. Processing a maliciously crafted PDF may lead to arbitrary code execution. **Recommendations** For Apple iOS versions prior to 15.1, update to iOS 15.1 or later. For Apple iPadOS versions prior to 15.1, update to iPadOS 15.1 or later. For Apple macOS versions prior to Monterey 12.0.1, update to macOS Monterey 12.0.1 or later. For Apple macOS versions prior to Big Sur 11.6.1, update to macOS Big Sur 11.6.1 or later. For Apple tvOS versions prior to 15.1, update to tvOS 15.1 or later. For Apple watchOS versions prior to 8.1, update to watchOS 8.1 or later. For Apple macOS Catalina versions prior to Security Update 2021-007, apply Security Update 2021-007 or later. For Apple iOS versions prior to 14.8.1, update to iOS 14.8.1 or later. For Apple iPadOS versions prior to 14.8.1, update to iPadOS 14.8.1 or later.

**Name of the Vulnerable Software and Affected Versions** iOS versions prior to 14.5 iPadOS versions prior to 14.5 **Description** The issue allows for arbitrary code execution when processing a maliciously crafted file. **Recommendations** For iOS versions prior to 14.5, update to iOS 14.5 or later. For iPadOS versions prior to 14.5, update to iPadOS 14.5 or later.

**Name of the Vulnerable Software and Affected Versions** iOS versions prior to 14.7 macOS Big Sur versions prior to 11.5 watchOS versions prior to 7.6 tvOS versions prior to 14.7 iCloud for Windows versions prior to 12.5 iTunes for Windows versions prior to 12.11.4 **Description** The issue was addressed with improved checks. Processing a maliciously crafted image may lead to arbitrary code execution. **Recommendations** For iOS versions prior to 14.7, update to iOS 14.7 to resolve the issue. For macOS Big Sur versions prior to 11.5, update to macOS Big Sur 11.5 to resolve the issue. For watchOS versions prior to 7.6, update to watchOS 7.6 to resolve the issue. For tvOS versions prior to 14.7, update to tvOS 14.7 to resolve the issue. For iCloud for Windows versions prior to 12.5, update to iCloud for Windows 12.5 to resolve the issue. For iTunes for Windows versions prior to 12.11.4, update to iTunes for Windows 12.11.4 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to 11.4 tvOS versions prior to 14.6 watchOS versions prior to 7.5 iOS versions prior to 14.6 iPadOS versions prior to 14.6 **Description** Processing a maliciously crafted image may lead to disclosure of user information. The issue is related to a buffer out-of-bounds read in the ImageIO component, which can be exploited by using a specially crafted WEBP file. This issue was addressed with improved checks. **Recommendations** For macOS versions prior to 11.4, update to macOS Big Sur 11.4 or later. For tvOS versions prior to 14.6, update to tvOS 14.6 or later. For watchOS versions prior to 7.5, update to watchOS 7.5 or later. For iOS versions prior to 14.6, update to iOS 14.6 or later. For iPadOS versions prior to 14.6, update to iPadOS 14.6 or later.