Manfp

**Name of the Vulnerable Software and Affected Versions** tvOS versions prior to 17.5 iOS versions prior to 16.7.8 and prior to 17.5 iPadOS versions prior to 16.7.8 and prior to 17.5 visionOS version prior to 1.2 Safari version prior to 17.5 **Description** An integer overflow was addressed with improved input validation. Processing maliciously crafted web content may lead to arbitrary code execution. A remote attacker may be able to access confidential data, compromise its integrity, and cause a denial of service. **Recommendations** For tvOS versions prior to 17.5, update to tvOS 17.5. For iOS versions prior to 16.7.8, update to iOS 16.7.8. For iOS versions prior to 17.5, update to iOS 17.5. For iPadOS versions prior to 16.7.8, update to iPadOS 16.7.8. For iPadOS versions prior to 17.5, update to iPadOS 17.5. For visionOS version prior to 1.2, update to visionOS 1.2. For Safari version prior to 17.5, update to Safari 17.5.

**Name of the Vulnerable Software and Affected Versions** Apple Safari iOS 17.5 and iPadOS 17.5, tvOS 17.5, watchOS 10.5, macOS Sonoma 14.5 WebKitGTK versions prior to 2.44.2 WebKit2GTK versions prior to 2.44.2 **Description** This issue addresses a vulnerability where an attacker with arbitrary read and write capability may be able to bypass Pointer Authentication. The vulnerability affects Apple Safari, WebKitGTK, and WPE WebKit. Multiple reports indicate that this flaw could lead to code execution. The issue has been addressed with improved checks in versions iOS 17.5 and iPadOS 17.5, tvOS 17.5, Safari 17.5, watchOS 10.5, macOS Sonoma 14.5, and WebKitGTK versions 2.44.2 and later. **Recommendations** Update Apple Safari to iOS 17.5 and iPadOS 17.5, tvOS 17.5, watchOS 10.5, or macOS Sonoma 14.5. Update WebKitGTK to version 2.44.2 or later. Update WPE WebKit to version 2.44.2 or later.

**Name of the Vulnerable Software and Affected Versions** watchOS versions prior to 8.7 tvOS versions prior to 15.6 iOS versions prior to 15.6 iPadOS versions prior to 15.6 macOS Monterey versions prior to 12.5 **Description** The issue allows UI spoofing when visiting a website that frames malicious content. This can lead to potential security risks. **Recommendations** For watchOS versions prior to 8.7, update to watchOS 8.7 to resolve the issue. For tvOS versions prior to 15.6, update to tvOS 15.6 to resolve the issue. For iOS versions prior to 15.6, update to iOS 15.6 to resolve the issue. For iPadOS versions prior to 15.6, update to iPadOS 15.6 to resolve the issue. For macOS Monterey versions prior to 12.5, update to macOS Monterey 12.5 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 92.0.4515.159 **Description** The issue is related to a type confusion in the V8 JavaScript engine of Google Chrome, which can be exploited by a remote attacker to execute arbitrary code inside a sandbox. This can be achieved via a crafted HTML page. **Recommendations** For versions prior to 92.0.4515.159, update to version 92.0.4515.159 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Google Chrome versions prior to 92.0.4515.159 **Description** The issue is related to a type confusion in the V8 JavaScript engine, allowing a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. This can be achieved by exploiting errors in data type mixing. **Recommendations** For versions prior to 92.0.4515.159, update to version 92.0.4515.159 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions prior to 5.13-rc4 Linux kernel versions 5.7-rc1 through 5.12.3 Linux kernel versions 5.10-rc1 through 5.10.36 Linux kernel versions 5.11 through 5.11.20 **Description** The eBPF ALU32 bounds tracking for bitwise ops (AND, OR and XOR) in the Linux kernel did not properly update 32-bit bounds, which could be turned into out of bounds reads and writes in the Linux kernel and therefore, arbitrary code execution. This issue is related to a buffer overflow in memory, allowing an attacker to execute arbitrary code in the context of the kernel. **Recommendations** For Linux kernel versions prior to 5.13-rc4, update to version 5.13-rc4 or later. For Linux kernel versions 5.7-rc1 through 5.12.3, update to version 5.12.4 or later. For Linux kernel versions 5.10-rc1 through 5.10.36, update to version 5.10.37 or later. For Linux kernel versions 5.11 through 5.11.20, update to version 5.11.21 or later. As a temporary workaround, consider disabling the eBPF functionality until a patch is available.