About the security content of visionOS 2

This document describes the security content of visionOS 2.

About Apple security updates

For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security releases page.

Apple security documents reference vulnerabilities by CVE-ID when possible.

For more information about security, see the Apple Product Security page.

visionOS 2

APFS

Available for: Apple Vision Pro

Impact: A malicious app with root privileges may be able to modify the contents of system files

Description: The issue was addressed with improved checks.

CVE-2024-40825: Pedro Tôrres (@t0rr3sp3dr0)

Compression

Available for: Apple Vision Pro

Impact: Unpacking a maliciously crafted archive may allow an attacker to write arbitrary files

Description: A race condition was addressed with improved locking.

CVE-2024-27876: Snoolie Keffaber (@0xilis)

Game Center

Available for: Apple Vision Pro

Impact: An app may be able to access user-sensitive data

Description: A file access issue was addressed with improved input validation.

CVE-2024-40850: Denis Tokarev (@illusionofcha0s)

ImageIO

Available for: Apple Vision Pro

Impact: Processing a maliciously crafted file may lead to unexpected app termination

Description: An out-of-bounds read issue was addressed with improved input validation.

CVE-2024-27880: Junsung Lee

ImageIO

Available for: Apple Vision Pro

Impact: Processing an image may lead to a denial-of-service

Description: An out-of-bounds access issue was addressed with improved bounds checking.

CVE-2024-44176: dw0r of ZeroPointer Lab working with Trend Micro Zero Day Initiative and an anonymous researcher

IOSurfaceAccelerator

Available for: Apple Vision Pro

Impact: An app may be able to cause unexpected system termination

Description: The issue was addressed with improved memory handling.

CVE-2024-44169: Antonio Zekić

Kernel

Available for: Apple Vision Pro

Impact: Network traffic may leak outside a VPN tunnel

Description: A logic issue was addressed with improved checks.

CVE-2024-44165: Andrew Lytvynov

Kernel

Available for: Apple Vision Pro

Impact: An app may gain unauthorized access to Bluetooth

Description: This issue was addressed through improved state management.

CVE-2024-44191: Alexander Heinrich, SEEMOO, DistriNet, KU Leuven (@vanhoefm), TU Darmstadt (@Sn0wfreeze) and Mathy Vanhoef

libxml2

Available for: Apple Vision Pro

Impact: Processing maliciously crafted web content may lead to an unexpected process crash

Description: An integer overflow was addressed through improved input validation.

CVE-2024-44198: OSS-Fuzz, Ned Williamson of Google Project Zero

mDNSResponder

Available for: Apple Vision Pro

Impact: An app may be able to cause a denial-of-service

Description: A logic error was addressed with improved error handling.

CVE-2024-44183: Olivier Levon

Model I/O

Available for: Apple Vision Pro

Impact: Processing a maliciously crafted image may lead to a denial-of-service

Description: This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org.

CVE-2023-5841

Notes

Available for: Apple Vision Pro

Impact: An app may be able to overwrite arbitrary files

Description: This issue was addressed by removing the vulnerable code.

CVE-2024-44167: ajajfxhj

Presence

Available for: Apple Vision Pro

Impact: An app may be able to read sensitive data from the GPU memory

Description: The issue was addressed with improved handling of caches.

CVE-2024-40790: Max Thomas

WebKit

Available for: Apple Vision Pro

Impact: Processing maliciously crafted web content may lead to universal cross site scripting

Description: This issue was addressed through improved state management.

CVE-2024-40857: Ron Masas

WebKit

Available for: Apple Vision Pro

Impact: A malicious website may exfiltrate data cross-origin

Description: A cross-origin issue existed with "iframe" elements. This was addressed with improved tracking of security origins.

CVE-2024-44187: Narendra Bhati, Manager of Cyber Security at Suma Soft Pvt. Ltd, Pune (India)

Additional recognition

Kernel

We would like to acknowledge Braxton Anderson for their assistance.

Maps

We would like to acknowledge Kirin (@Pwnrin) for their assistance.

Passwords

We would like to acknowledge Richard Hyunho Im (@r1cheeta) for their assistance.

TCC

We would like to acknowledge Vaibhav Prajapati for their assistance.

WebKit

We would like to acknowledge Avi Lumelsky, Uri Katz, (Oligo Security), Johan Carlsson (joaxcar) for their assistance.