https://support.apple.com/en-us/HT205635
About the security content of iOS 9.2
This document describes the security content of iOS 9.2.
For the protection of our customers, Apple does not disclose, discuss, or confirm security issues until a full investigation has occurred and any necessary patches or releases are available. To learn more about Apple Product Security, see the Apple Product Security website.
For information about the Apple Product Security PGP Key, see How to use the Apple Product Security PGP Key.
Where possible, CVE IDs are used to reference the vulnerabilities for further information.
To learn about other security updates, see Apple security updates.
iOS 9.2
AppleMobileFileIntegrity
Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later
Impact: A malicious application may be able to execute arbitrary code with system privileges
Description: An access control issue was addressed by preventing modification of access control structures.
CVE-ID
CVE-2015-7055 : Apple
AppSandbox
Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later
Impact: A malicious application may maintain access to Contacts after having access revoked
Description: An issue existed in the sandbox's handling of hard links. This issue was addressed through improved hardening of the app sandbox.
CVE-ID
CVE-2015-7001 : Razvan Deaconescu and Mihai Bucicoiu of University POLITEHNICA of Bucharest; Luke Deshotels and William Enck of North Carolina State University; Lucas Vincenzo Davi and Ahmad-Reza Sadeghi of TU Darmstadt
CFNetwork HTTPProtocol
Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later
Impact: An attacker with a privileged network position may be able to bypass HSTS
Description: An input validation issue existed within URL processing. This issue was addressed through improved URL validation.
CVE-ID
CVE-2015-7094 : Tsubasa Iinuma (@llamakko_cafe) of Gehirn Inc. and Muneaki Nishimura (nishimunea)
Compression
Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later
Impact: Visiting a maliciously crafted website may lead to arbitrary code execution
Description: An uninitialized memory access issue existed in zlib. This issue was addressed through improved memory initialization and additional validation of zlib streams.
CVE-ID
CVE-2015-7054 : j00ru
CoreGraphics
Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later
Impact: Processing a maliciously crafted font file may lead to arbitrary code execution
Description: A memory corruption issue existed in the processing of font files. This issue was addressed through improved input validation.
CVE-ID
CVE-2015-7105 : John Villamil (@day6reak), Yahoo Pentest Team
CoreMedia Playback
Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later
Impact: Visiting a maliciously crafted website may lead to arbitrary code execution
Description: Multiple memory corruption issues existed in the processing of malformed media files. These issues were addressed through improved memory handling.
CVE-ID
CVE-2015-7074 : Apple
CVE-2015-7075
dyld
Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later
Impact: A malicious application may be able to execute arbitrary code with system privileges
Description: Multiple segment validation issues existed in dyld. These were addressed through improved environment sanitization.
CVE-ID
CVE-2015-7072 : Apple
CVE-2015-7079 : PanguTeam
GPUTools Framework
Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later
Impact: A malicious application may be able to execute arbitrary code with system privileges
Description: Multiple path validation issues existed in Mobile Replayer. These were addressed through improved environment sanitization.
CVE-ID
CVE-2015-7069 : Luca Todesco (@qwertyoruiop)
CVE-2015-7070 : Luca Todesco (@qwertyoruiop)
iBooks
Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later
Impact: Parsing a maliciously crafted iBooks file may lead to disclosure of user information
Description: An XML external entity reference issue existed with iBook parsing. This issue was addressed through improved parsing.
CVE-ID
CVE-2015-7081 : Behrouz Sadeghipour (@Nahamsec) and Patrik Fehrenbach (@ITSecurityguard)
ImageIO
Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later
Impact: Processing a maliciously crafted image may lead to arbitrary code execution
Description: A memory corruption issue existed in ImageIO. This issue was addressed through improved memory handling.
CVE-ID
CVE-2015-7053 : Apple
IOHIDFamily
Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later
Impact: A malicious application may be able to execute arbitrary code with system privileges
Description: Multiple memory corruption issues existed in IOHIDFamily API. These issues were addressed through improved memory handling.
CVE-ID
CVE-2015-7111 : beist and ABH of BoB
CVE-2015-7112 : Ian Beer of Google Project Zero
IOKit SCSI
Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later
Impact: A malicious application may be able to execute arbitrary code with kernel privileges
Description: A null pointer dereference existed in the handling of a certain userclient type. This issue was addressed through improved validation.
CVE-ID
CVE-2015-7068 : Ian Beer of Google Project Zero
Kernel
Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later
Impact: A local application may be able to cause a denial of service
Description: Multiple denial of service issues were addressed through improved memory handling.
CVE-ID
CVE-2015-7040 : Lufeng Li of Qihoo 360 Vulcan Team
CVE-2015-7041 : Lufeng Li of Qihoo 360 Vulcan Team
CVE-2015-7042 : Lufeng Li of Qihoo 360 Vulcan Team
CVE-2015-7043 : Tarjei Mandt (@kernelpool)
Kernel
Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later
Impact: A local user may be able to execute arbitrary code with kernel privileges
Description: Multiple memory corruption issues existed in the kernel. These issues were addressed through improved memory handling.
CVE-ID
CVE-2015-7083 : Ian Beer of Google Project Zero
CVE-2015-7084 : Ian Beer of Google Project Zero
Kernel
Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later
Impact: A local user may be able to execute arbitrary code with kernel privileges
Description: An issue existed in the parsing of mach messages. This issue was addressed through improved validation of mach messages.
CVE-ID
CVE-2015-7047 : Ian Beer of Google Project Zero
LaunchServices
Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later
Impact: A malicious application may be able to execute arbitrary code with system privileges
Description: A memory corruption issue existed in the processing of malformed plists. This issue was addressed through improved memory handling.
CVE-ID
CVE-2015-7113 : Olivier Goguel of Free Tools Association
libarchive
Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later
Impact: Visiting a maliciously crafted website may lead to arbitrary code execution
Description: A memory corruption issue existed in the processing of archives. This issue was addressed through improved memory handling.
CVE-ID
CVE-2011-2895 : @practicalswift
libc
Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later
Impact: Processing a maliciously crafted package may lead to arbitrary code execution
Description: Multiple buffer overflows existed in the C standard library. These issues were addressed through improved bounds checking.
CVE-ID
CVE-2015-7038
CVE-2015-7039 : Maksymilian Arciemowicz (CXSECURITY.COM)
libxml2
Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later
Impact: Parsing a maliciously crafted XML document may lead to disclosure of user information
Description: A memory corruption issue existed in the parsing of XML files. This issue was addressed through improved memory handling.
CVE-ID
CVE-2015-3807 : Wei Lei and Liu Yang of Nanyang Technological University
MobileStorageMounter
Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later
Impact: A malicious application may be able to execute arbitrary code with system privileges
Description: A timing issue existed in loading of the trust cache. This issue was resolved by validating the system environment before loading the trust cache.
CVE-ID
CVE-2015-7051 : PanguTeam
OpenGL
Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later
Impact: Visiting a maliciously crafted website may lead to arbitrary code execution
Description: Multiple memory corruption issues existed in OpenGL. These issues were addressed through improved memory handling.
CVE-ID
CVE-2015-7064 : Apple
CVE-2015-7065 : Apple
CVE-2015-7066 : Tongbo Luo and Bo Qu of Palo Alto Networks
Photos
Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later
Impact: An attacker may be able to use the backup system to access restricted areas of the file system
Description: A path validation issue existed in Mobile Backup. This was addressed through improved environment sanitization.
CVE-ID
CVE-2015-7037 : PanguTeam
QuickLook
Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later
Impact: Opening a maliciously crafted iWork file may lead to arbitrary code execution
Description: A memory corruption issue existed in the handling of iWork files. This issue was addressed through improved memory handling.
CVE-ID
CVE-2015-7107
Safari
Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later
Impact: Visiting a malicious website may lead to user interface spoofing
Description: An issue may have allowed a website to display content with a URL from a different website. This issue was addressed through improved URL handling.
CVE-ID
CVE-2015-7093 : xisigr of Tencent's Xuanwu LAB (www.tencent.com)
Sandbox
Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later
Impact: A malicious application with root privileges may be able to bypass kernel address space layout randomization
Description: An insufficient privilege separation issue existed in xnu. This issue was addressed by improved authorization checks.
CVE-ID
CVE-2015-7046 : Apple
Security
Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later
Impact: A remote attacker may cause an unexpected application termination or arbitrary code execution
Description: A memory corruption issue existed in handling SSL handshakes. This issue was addressed through improved memory handling.
CVE-ID
CVE-2015-7073 : Benoit Foucher of ZeroC, Inc.
Security
Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later
Impact: A malicious application may gain access to a user's Keychain items
Description: An issue existed in the validation of access control lists for keychain items. This issue was addressed through improved access control list checks.
CVE-ID
CVE-2015-7058
Siri
Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later
Impact: A person with physical access to an iOS device may be able to use Siri to read notifications of content that is set not to be displayed at the lock screen
Description: When a request was made to Siri, client side restrictions were not being checked by the server. This issue was addressed through improved restriction checking.
CVE-ID
CVE-2015-7080 : Or Safran (www.linkedin.com/profile/view?id=33912591)
WebKit
Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later
Impact: Visiting a maliciously crafted website may lead to arbitrary code execution
Description: Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.
CVE-ID
CVE-2015-7048 : Apple
CVE-2015-7095 : Apple
CVE-2015-7096 : Apple
CVE-2015-7097 : Apple
CVE-2015-7098 : Apple
CVE-2015-7099 : Apple
CVE-2015-7100 : Apple
CVE-2015-7101 : Apple
CVE-2015-7102 : Apple
CVE-2015-7103 : Apple
WebKit
Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later
Impact: Visiting a maliciously crafted website may reveal a user's browsing history
Description: An insufficient input validation issue existed in content blocking. This issue was addressed through improved content extension parsing.
CVE-ID
CVE-2015-7050 : Luke Li and Jonathan Metzman
Information about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. Risks are inherent in the use of the Internet. Contact the vendor for additional information. Other company and product names may be trademarks of their respective owners.
Last Modified: Dec 8, 2015