Apple Plugs Security Holes in ATV2 and ATV3 Software
Two vulnerabilities patched with the help of prominent security researchers
iOS 5.1.1 for Apple TV not only delivers new features and enhancements but also a couple of patches for two vulnerabilities. Apple has published an advisory that describes the security content of Apple TV 5.1.1 at length.Affecting Apple TV 2nd generation and Apple TV 3rd generation models, “Compromised applications may be able to determine addresses in the kernel.”
According to the bug’s description, “An information disclosure issue existed in the handling of APIs related to kernel extensions.”
“Responses containing a OSBundleMachOHeaders key may have included kernel addresses, which may aid in bypassing address space layout randomization protection,” Apple explains.
Apple TV Software Update 5.1.1 fixes this issue “by unsliding the addresses before returning them,” according to the advisory.
The Mac maker credits Mark Dowd of Azimuth Security, Eric Monti of Square, and additional anonymous researchers for finding and reporting the flaw.
Affecting the same ATV models mentioned above, “An attacker with a privileged network position may cause an unexpected application termination or arbitrary code execution.”
In addition to strengthening security, Apple TV 5.1.1 adds support for Up Next, a new feature in iTunes 11 that allows users to see upcoming songs when playing music on their TV-connected black box.
Users can add new songs and edit what's queued with the newly-updated iOS Remote app, as well as with the physical remote that came with the product.
ATV 5.1.1 also includes “performance and stability improvements with the iTunes Store, AirPlay, Netflix, iTunes Match, and wired Ethernet connections.”