Paweł Płatek

**Name of the Vulnerable Software and Affected Versions** macOS Sequoia versions prior to 15.5 **Description** The issue was addressed with improved memory handling. Processing maliciously crafted web content may lead to an unexpected process crash. **Recommendations** For versions prior to 15.5, update to macOS Sequoia 15.5 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to Ventura 13.7.6 macOS versions prior to Sequoia 15.5 macOS versions prior to Sonoma 14.7.6 **Description** The issue was addressed with improved checks. An application may be able to bypass Address Space Layout Randomization (ASLR). ASLR is a security technique that randomizes the memory addresses used by a program to make it more difficult for attackers to predict the location of critical data and code. Bypassing ASLR can allow an attacker to gain control of the system. **Recommendations** Update to macOS Ventura 13.7.6 or later. Update to macOS Sequoia 15.5 or later. Update to macOS Sonoma 14.7.6 or later.

**Name of the Vulnerable Software and Affected Versions** macOS versions prior to 13.7.6 watchOS versions prior to 11.5 iOS versions prior to 18.5 iPadOS versions prior to 18.5 tvOS versions prior to 18.5 visionOS versions prior to 2.5 macOS Sequoia versions prior to 15.5 **Description** The issue relates to insufficient access control within the mDNSResponder daemon. Exploitation may allow an attacker to elevate their privileges. The vulnerability allows for local network eavesdropping and device discovery without authentication. An exploit chain involving mDNSResponder, traceroute6, libinfo, and an integer overflow can lead to root access. A new libmalloc “region-trailer” move and PAC bypass were implemented to address the issue. **Recommendations** Update macOS to version 13.7.6 or later. Update watchOS to version 11.5 or later. Update iOS to version 18.5 or later. Update iPadOS to version 18.5 or later. Update tvOS to version 18.5 or later. Update visionOS to version 2.5 or later. Update macOS Sequoia to version 15.5 or later.