:: Deepquest ::

There is a heap overflow in Apple’s AppleBCMWLANCore driver when handling Completed Firmware Timestamp messages (0x27).

There is a heap overflow vulnerability in Apple’s assembleBGScanResults when handling ioctl results.

A heap overflow vulnerability exists in Apple’s updateRateSetAsyncCallback when handling ioctl results.

Apple products suffer from an issue where an out-of-band NUL byte write occurs when handling WLC_E_TRACE event packets.

Heap overflow and information disclosure vulnerabilities exist in Apple’s setVendorIE when handling ioctl results.

The Apple PCIe Message Ring protocol suffers from multiple race conditions that can lead to out-of-bounds read and writes.

Apple products suffers from an information leak when handling WLC_E_COUNTRY_CODE_CHANGED event packets.

Apple Security Advisory 2017-09-19-2 – Safari 11 is now available and addresses address bar spoofing and other vulnerabilities.

Apple Security Advisory 2017-09-19-3 – Xcode 9 is now available and addresses code execution and various other vulnerabilities.

Apple Security Advisory 2017-09-20-1 – This advisory provides additional information for APPLE-SA-2017-09-19-1 iOS 11.