Full Disclosure mailing list archives
APPLE-SA-12-12-2025-5 macOS Sonoma 14.8.3
From: Apple Product Security via Fulldisclosure <fulldisclosure () seclists org>
Date: Fri, 12 Dec 2025 14:57:52 -0700
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

APPLE-SA-12-12-2025-5 macOS Sonoma 14.8.3

macOS Sonoma 14.8.3 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/125888.

Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.

AppleJPEG
Available for: macOS Sonoma
Impact: Processing a file may lead to memory corruption
Description: The issue was addressed with improved bounds checks.
CVE-2025-43539: Michael Reeves (@IntegralPilot)

AppleMobileFileIntegrity
Available for: macOS Sonoma
Impact: An app may be able to access sensitive user data
Description: A permissions issue was addressed with additional restrictions.
CVE-2025-43519: an anonymous researcher

AppSandbox
Available for: macOS Sonoma
Impact: An app may be able to access protected user data
Description: A logic issue was addressed with improved file handling.
CVE-2025-46289: an anonymous researcher

Audio
Available for: macOS Sonoma
Impact: An app may be able to cause a denial-of-service
Description: The issue was addressed with improved input validation.
CVE-2025-43482: Michael Reeves (@IntegralPilot), Jex Amro

Call History
Available for: macOS Sonoma
Impact: An app may be able to access protected user data
Description: A privacy issue was addressed with improved private data redaction for log entries.
CVE-2025-43517: Wojciech Regula of SecuRing (wojciechregula.blog)

Call History
Available for: macOS Sonoma
Impact: An attacker may be able to spoof their FaceTime caller ID
Description: An inconsistent user interface issue was addressed with improved state management.
CVE-2025-46287: an anonymous researcher, Riley Walz

curl
Available for: macOS Sonoma
Impact: Multiple issues in curl
Description: This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org.
CVE-2024-7264
CVE-2025-9086

Foundation
Available for: macOS Sonoma
Impact: An app may be able to inappropriately access files through the spellcheck API
Description: A logic issue was addressed with improved checks.
CVE-2025-43518: Noah Gregory (wts.dev)

Foundation
Available for: macOS Sonoma
Impact: Processing malicious data may lead to unexpected app termination
Description: A memory corruption issue was addressed with improved bounds checking.
CVE-2025-43532: Andrew Calvano and Lucas Pinheiro of Meta Product Security

Kernel
Available for: macOS Sonoma
Impact: An app may be able to elevate privileges
Description: A logic issue was addressed with improved checks.
CVE-2025-43512: Andreas Jaegersberger & Ro Achterberg of Nosebeard Labs

Kernel
Available for: macOS Sonoma
Impact: An app may be able to gain root privileges
Description: An integer overflow was addressed by adopting 64-bit timestamps.
CVE-2025-46285: Kaitao Xie and Xiaolong Bai of Alibaba Group

libarchive
Available for: macOS Sonoma
Impact: Processing a file may lead to memory corruption
Description: This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party. Learn more about the issue and CVE-ID at cve.org.
CVE-2025-5918

MDM Configuration Tools
Available for: macOS Sonoma
Impact: An app may be able to read sensitive location information
Description: A permissions issue was addressed by removing the vulnerable code.
CVE-2025-43513: Andreas Jaegersberger & Ro Achterberg of Nosebeard Labs

Messages
Available for: macOS Sonoma
Impact: An app may be able to access sensitive user data
Description: An information disclosure issue was addressed with improved privacy controls.
CVE-2025-46276: Rosyna Keller of Totally Not Malicious Software

Networking
Available for: macOS Sonoma
Impact: An app may be able to access sensitive user data
Description: This issue was addressed with improved data protection.
CVE-2025-43509: Haoling Zhou, Shixuan Zhao (@NSKernel), Chao Wang (@evi0s), Zhiqiang Lin from SecLab of The Ohio State University

Screen Time
Available for: macOS Sonoma
Impact: An app may be able to access sensitive user data
Description: A logging issue was addressed with improved data redaction.
CVE-2025-43538: Iván Savransky

SoftwareUpdate
Available for: macOS Sonoma
Impact: An app may be able to access sensitive user data
Description: A permissions issue was addressed with additional restrictions.
CVE-2025-43519: an anonymous researcher

StorageKit
Available for: macOS Sonoma
Impact: An app may be able to access sensitive user data
Description: A parsing issue in the handling of directory paths was addressed with improved path validation.
CVE-2025-43463: Mickey Jin (@patch1t), Amy (@asentientbot)

sudo
Available for: macOS Sonoma
Impact: An app may be able to access protected user data
Description: A logic issue was addressed with improved restrictions.
CVE-2025-43416: Gergely Kalman (@gergely_kalman)

Voice Control
Available for: macOS Sonoma
Impact: A user with Voice Control enabled may be able to transcribe another user's activity
Description: A session management issue was addressed with improved checks.
CVE-2025-43516: Kay Belardinelli (Harvard University)

VoiceOver
Available for: macOS Sonoma
Impact: An app may be able to access sensitive user data
Description: This issue was addressed with improved checks.
CVE-2025-43530: Mickey Jin (@patch1t)

Additional recognition

Sandbox
We would like to acknowledge Arnaud Abbati for their assistance.

macOS Sonoma 14.8.3 may be obtained from the Mac App Store or
Apple's Software Downloads web site:
https://support.apple.com/downloads/

All information is also posted on the Apple Security Releases
web site: https://support.apple.com/100100.

This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/

_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: https://seclists.org/fulldisclosure/
