About the security content of macOS Ventura 13.6
This document describes the security content of macOS Ventura 13.6.
About Apple security updates
For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security releases page.
Apple security documents reference vulnerabilities by CVE-ID when possible.
For more information about security, see the Apple Product Security page.
macOS Ventura 13.6
Released September 21, 2023
Apple Neural Engine
Available for: macOS Ventura
Impact: An app may be able to execute arbitrary code with kernel privileges
Description: The issue was addressed with improved memory handling.
CVE-2023-40412: Mohamed GHANNAM (@_simo36)
CVE-2023-40409: Ye Zhang (@VAR10CK) of Baidu Security
Entry added September 26, 2023
Apple Neural Engine
Available for: macOS Ventura
Impact: An app may be able to execute arbitrary code with kernel privileges
Description: A use-after-free issue was addressed with improved memory management.
CVE-2023-41071: Mohamed GHANNAM (@_simo36)
Entry added September 26, 2023
Apple Neural Engine
Available for: macOS Ventura
Impact: An app may be able to disclose kernel memory
Description: An out-of-bounds read was addressed with improved input validation.
CVE-2023-40410: Tim Michaud (@TimGMichaud) of Moveworks.ai
Entry added September 26, 2023
Ask to Buy
Available for: macOS Ventura
Impact: An app may be able to access protected user data
Description: The issue was addressed with improved checks.
CVE-2023-38612: Chris Ross (Zoom)
Entry added December 22, 2023
Biometric Authentication
Available for: macOS Ventura
Impact: An app may be able to disclose kernel memory
Description: An out-of-bounds read was addressed with improved bounds checking.
CVE-2023-41232: Liang Wei of PixiePoint Security
Entry added September 26, 2023
ColorSync
Available for: macOS Ventura
Impact: An app may be able to read arbitrary files
Description: The issue was addressed with improved checks.
CVE-2023-40406: JeongOhKyea of Theori
Entry added September 26, 2023
CoreAnimation
Available for: macOS Ventura
Impact: Processing web content may lead to a denial-of-service
Description: The issue was addressed with improved memory handling.
CVE-2023-40420: 이준성(Junsung Lee) of Cross Republic
Entry added September 26, 2023
Kernel
Available for: macOS Ventura
Impact: An app may be able to execute arbitrary code with kernel privileges
Description: The issue was addressed with improved memory handling.
CVE-2023-41984: Pan ZhenPeng (@Peterpan0927) of STAR Labs SG Pte. Ltd.
Entry added September 26, 2023
Kernel
Available for: macOS Ventura
Impact: An attacker that has already achieved kernel code execution may be able to bypass kernel memory mitigations
Description: The issue was addressed with improved memory handling.
CVE-2023-41981: Linus Henze of Pinauten GmbH (pinauten.de)
Entry added September 26, 2023
Kernel
Available for: macOS Ventura
Impact: A local attacker may be able to elevate their privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7.
Description: The issue was addressed with improved checks.
CVE-2023-41992: Bill Marczak of The Citizen Lab at The University of Toronto's Munk School and Maddie Stone of Google's Threat Analysis Group
libxpc
Available for: macOS Ventura
Impact: An app may be able to access protected user data
Description: An authorization issue was addressed with improved state management.
CVE-2023-41073: Zhipeng Huo (@R3dF09) of Tencent Security Xuanwu Lab (xlab.tencent.com)
Entry added September 26, 2023
libxpc
Available for: macOS Ventura
Impact: An app may be able to delete files for which it does not have permission
Description: A permissions issue was addressed with additional restrictions.
CVE-2023-40454: Zhipeng Huo (@R3dF09) of Tencent Security Xuanwu Lab (xlab.tencent.com)
Entry added September 26, 2023
libxslt
Available for: macOS Ventura
Impact: Processing web content may disclose sensitive information
Description: The issue was addressed with improved memory handling.
CVE-2023-40403: Dohyun Lee (@l33d0hyun) of PK Security
Entry added September 26, 2023
Maps
Available for: macOS Ventura
Impact: An app may be able to read sensitive location information
Description: The issue was addressed with improved handling of caches.
CVE-2023-40427: Adam M., and Wojciech Regula of SecuRing (wojciechregula.blog)
Entry added September 26, 2023
Pro Res
Available for: macOS Ventura
Impact: An app may be able to execute arbitrary code with kernel privileges
Description: The issue was addressed with improved memory handling.
CVE-2023-41063: Certik Skyfall Team
Entry added September 26, 2023
Sandbox
Available for: macOS Ventura
Impact: An app may be able to overwrite arbitrary files
Description: The issue was addressed with improved bounds checks.
CVE-2023-40452: Yiğit Can YILMAZ (@yilmazcanyigit)
Entry added September 26, 2023
Sandbox
Available for: macOS Ventura
Impact: Apps that fail verification checks may still launch
Description: The issue was addressed with improved checks.
CVE-2023-41996: Yiğit Can YILMAZ (@yilmazcanyigit) and Mickey Jin (@patch1t)
Entry added September 26, 2023
Security
Available for: macOS Ventura
Impact: A malicious app may be able to bypass signature validation. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7.
Description: A certificate validation issue was addressed.
CVE-2023-41991: Bill Marczak of The Citizen Lab at The University of Toronto's Munk School and Maddie Stone of Google's Threat Analysis Group
Share Sheet
Available for: macOS Ventura
Impact: An app may be able to access sensitive data logged when a user shares a link
Description: A logic issue was addressed with improved checks.
CVE-2023-41070: Kirin (@Pwnrin)
Entry added September 26, 2023
StorageKit
Available for: macOS Ventura
Impact: An app may be able to read arbitrary files
Description: This issue was addressed with improved validation of symlinks.
CVE-2023-41968: Mickey Jin (@patch1t), James Hutchins
Entry added September 26, 2023
Additional recognition
Apple Neural Engine
We would like to acknowledge pattern-f (@pattern_F_) of Ant Security Light-Year Lab for their assistance.
Entry added December 22, 2023
AppSandbox
We would like to acknowledge Kirin (@Pwnrin) for their assistance.
Entry added September 26, 2023
Kernel
We would like to acknowledge Bill Marczak of The Citizen Lab at The University of Toronto's Munk School and Maddie Stone of Google's Threat Analysis Group for their assistance.
libxml2
We would like to acknowledge OSS-Fuzz, and Ned Williamson of Google Project Zero for their assistance.
Entry added September 26, 2023
WebKit
We would like to acknowledge Khiem Tran, and Narendra Bhati From Suma Soft Pvt. Ltd, Pune (India) for their assistance.
Entry added September 26, 2023
WebRTC
We would like to acknowledge anonymous researcher for their assistance.
Entry added September 26, 2023
Information about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. Contact the vendor for additional information.