Apple Releases iOS 6.1 With Fixes for More Than 20 Vulnerabilities

Apple has fixed dozens of security vulnerabilities in iOS with the release of version 6.1, including a serious flaw in the kernel and a number of bugs in the WebKit framework. The company also revoked trust in the bad TurkTrust certificates that were discovered late last year.

Apple securityApple has fixed dozens of security vulnerabilities in iOS with the release of version 6.1, including a serious flaw in the kernel and a number of bugs in the WebKit framework. The company also revoked trust in the bad TurkTrust certificates that were discovered late last year.

One of the key vulnerabilities fixed in iOS 6.1 is in the operating system’s kernel and could enable an attacker to access kernel memory. The vulnerability was discovered by Mark Dowd of Azimuth Security, who presented it at the hack in the Box security conference last year.

“The iOS kernel has checks to validate that the user-mode pointer and length passed to the copyin and copyout functions would not result in a user-mode process being able to directly access kernel memory. The checks were not being used if the length was smaller than one page. This issue was addressed through additional validation of the arguments to copyin and copyout,” the Apple advisory says.

In addition to the kernel bug and the revocation of trust in the TurkTrust certificates, Apple also patched more than 20 flaws in the WebKit framework. The majority of those vulnerabilities are memory-corruption bugs, but there also are patches for two cross-site scripting flaws included in iOS 6.1. Many of the WebKit vulnerabilities were discovered by members of the Google Chrome security team.

Here’s the list of WebKit flaws fixed in iOS 6.1:

Multiple memory corruption issues existed in WebKit. These issues were addressed through improved memory handling.

CVE-ID

CVE-2012-2857 : Arthur Gerkis

CVE-2012-3606 : Abhishek Arya (Inferno) of the Google Chrome Security Team

CVE-2012-3607 : Abhishek Arya (Inferno) of the Google Chrome Security Team

CVE-2012-3621 : Skylined of the Google Chrome Security Team

CVE-2012-3632 : Abhishek Arya (Inferno) of the Google Chrome Security Team

CVE-2012-3687 : kuzzcc

CVE-2012-3701 : Abhishek Arya (Inferno) of the Google Chrome Security Team

CVE-2013-0948 : Abhishek Arya (Inferno) of the Google Chrome Security Team

CVE-2013-0949 : Abhishek Arya (Inferno) of the Google Chrome Security Team

CVE-2013-0950 : Abhishek Arya (Inferno) of the Google Chrome Security Team

CVE-2013-0951 : Apple

CVE-2013-0952 : Abhishek Arya (Inferno) of the Google Chrome Security Team

CVE-2013-0953 : Abhishek Arya (Inferno) of the Google Chrome Security Team

CVE-2013-0954 : Dominic Cooney of Google and Martin Barbella of the Google Chrome Security Team

CVE-2013-0955 : Apple

CVE-2013-0956 : Apple Product Security

CVE-2012-2824 : miaubiz

CVE-2013-0958 : Abhishek Arya (Inferno) of the Google Chrome Security Team

CVE-2013-0959 : Abhishek Arya (Inferno) of the Google Chrome Security Team

CVE-2013-0968 : Aaron Nelson

Users can install the new iOS update by going to Settings and selecting General and then Software Update.

 

Suggested articles