The issue was addressed with improved bounds checks. This issue is fixed in macOS Monterey 12.6, iOS 15.7 and iPadOS 15.7, iOS 16, macOS Big Sur 11.7. An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited..
References
Link | Resource |
---|---|
http://seclists.org/fulldisclosure/2022/Oct/39 | Mailing List Third Party Advisory |
http://seclists.org/fulldisclosure/2022/Oct/40 | Mailing List Third Party Advisory |
http://seclists.org/fulldisclosure/2022/Oct/43 | Mailing List Third Party Advisory |
http://seclists.org/fulldisclosure/2022/Oct/45 | Mailing List Third Party Advisory |
https://support.apple.com/en-us/HT213443 | Release Notes Vendor Advisory |
https://support.apple.com/en-us/HT213444 | Release Notes Vendor Advisory |
https://support.apple.com/en-us/HT213445 | Release Notes Vendor Advisory |
https://support.apple.com/en-us/HT213446 | Release Notes Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
07 Dec 2022, 03:12
Type | Values Removed | Values Added |
---|---|---|
References | (FULLDISC) http://seclists.org/fulldisclosure/2022/Oct/39 - Mailing List, Third Party Advisory | |
References | (FULLDISC) http://seclists.org/fulldisclosure/2022/Oct/45 - Mailing List, Third Party Advisory | |
References | (FULLDISC) http://seclists.org/fulldisclosure/2022/Oct/43 - Mailing List, Third Party Advisory | |
References | (FULLDISC) http://seclists.org/fulldisclosure/2022/Oct/40 - Mailing List, Third Party Advisory |
31 Oct 2022, 00:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
30 Oct 2022, 23:16
Type | Values Removed | Values Added |
---|---|---|
References |
|
22 Sep 2022, 18:31
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-787 | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.8 |
References | (MISC) https://support.apple.com/en-us/HT213445 - Release Notes, Vendor Advisory | |
References | (MISC) https://support.apple.com/en-us/HT213443 - Release Notes, Vendor Advisory | |
References | (MISC) https://support.apple.com/en-us/HT213446 - Release Notes, Vendor Advisory | |
References | (MISC) https://support.apple.com/en-us/HT213444 - Release Notes, Vendor Advisory | |
First Time |
Apple macos
Apple iphone Os Apple ipados Apple |
|
CPE | cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:* cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:* cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:* |
20 Sep 2022, 21:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-09-20 21:15
Updated : 2023-12-10 14:35
NVD link : CVE-2022-32917
Mitre link : CVE-2022-32917
CVE.ORG link : CVE-2022-32917
JSON object : View
Products Affected
apple
- iphone_os
- ipados
- macos
CWE
CWE-787
Out-of-bounds Write