Nachdem Apple bereits vor 3 Wochen ein Update für die letzte Generation der WiFi-Geräte der AirPort-Familie mit WiFi 802.11ac bereitgestellt hat, folgt nun das entsprechende Update auch für die älteren Geräte mit 802.11n-Standard. Ein zeitnahes Update wird empfohlen.
Details
AirPort Base Station Firmware Update 7.8.1
- Released June 20, 2019
- Available for: AirPort Express, AirPort Extreme, and AirPort Time Capsule base stations with 802.11n
Impact: A remote attacker may be able to leak memory
- Description: An out-of-bounds read was addressed with improved input validation.
- CVE-2019-8581: Lucio Albornoz
Impact: A remote attacker may be able to cause a system denial of service
- Description: A null pointer dereference was addressed with improved input validation.
- CVE-2019-8588: Vince Cali (@0x56)
Impact: A remote attacker may be able to cause arbitrary code execution
- Description: A use after free issue was addressed with improved memory management.
- CVE-2019-8578: Maxime Villard
Impact: A remote attacker may be able to cause a system denial of service
- Description: A denial of service issue was addressed with improved validation.
- CVE-2018-6918: Maxime Villard
Impact: A base station factory reset may not delete all user information
- Description: The issue was addressed with improved data deletion.
- CVE-2019-8575: joshua stein
Impact: An attacker in a privileged position may be able to perform a denial of service attack
- Description: A denial of service issue was addressed with improved memory handling.
- CVE-2019-7291: Maxime Villard
Impact: Source-routed IPv4 packets may be unexpectedly accepted
- Description: Source-routed IPv4 packets were disabled by default.
- CVE-2019-8580: Maxime Villard
Impact: A remote attacker may be able to cause arbitrary code execution
- Description: A null pointer dereference was addressed with improved input validation.
- CVE-2019-8572: Maxime Villard