![]() |
Security Alert: Additional information for iOS 13.1 and iPadOS 13.1
(2019-10-29)Apple has released additional information about the security related issues addressed by iOS 13.1 and iPadOS 13.1:
- AppleFirmwareUpdateKext (CVE-2019-8747): An application may be able to execute arbitrary code with kernel privileges
- Audio (CVE-2019-8706): Processing a maliciously crafted audio file may lead to arbitrary code execution
- Books (CVE-2019-877): Parsing a maliciously crafted iBooks file may lead to a persistent denial-of-service
- Kernel (CVE-2019-8740): An application may be able to execute arbitrary code with kernel privileges
- Kernel (CVE-2019-8809): A local app may be able to read a persistent account identifier
- Kernel (CVE-2019-8780): A malicious application may be able to determine kernel memory layout
- libxslt (CVE-2019-8750): Multiple issues in libxslt
- mDNSResponder (CVE-2019-8799): An attacker in physical proximity may be able to passively observe device names in AWDL communications
- VoiceOver (CVE-2019-8775): A person with physical access to an iOS device may be able to access contacts from the lock screen
- WebKit (CVE-2019-8769): Visiting a maliciously crafted website may reveal browsing history
- WebKit (CVE-2019-8710, CVE-2019-8743, CVE-2019-8751, CVE-2019-8752, CVE-2019-8763, CVE-2019-8765, CVE-2019-8766:, CVE-2019-8773): Processing maliciously crafted web content may lead to arbitrary code execution