A logic issue was addressed with improved checks. This issue is fixed in tvOS 16.1, iOS 15.7.1 and iPadOS 15.7.1, macOS Ventura 13, watchOS 9.1, iOS 16.1 and iPadOS 16, macOS Monterey 12.6.1. An app may be able to execute arbitrary code with kernel privileges.
References
Link | Resource |
---|---|
http://packetstormsecurity.com/files/170011/XNU-vm_object-Use-After-Free.html | Third Party Advisory VDB Entry |
https://support.apple.com/en-us/HT213488 | Release Notes Vendor Advisory |
https://support.apple.com/en-us/HT213489 | Release Notes Vendor Advisory |
https://support.apple.com/en-us/HT213490 | Release Notes Vendor Advisory |
https://support.apple.com/en-us/HT213491 | Release Notes Vendor Advisory |
https://support.apple.com/en-us/HT213492 | Release Notes Vendor Advisory |
https://support.apple.com/en-us/HT213494 | Release Notes Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
02 Dec 2022, 22:45
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) http://packetstormsecurity.com/files/170011/XNU-vm_object-Use-After-Free.html - Third Party Advisory, VDB Entry |
25 Nov 2022, 18:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
03 Nov 2022, 03:53
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.8 |
CPE | cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:* cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:* cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:* cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:* cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:* |
|
References | (MISC) https://support.apple.com/en-us/HT213494 - Release Notes, Vendor Advisory | |
References | (MISC) https://support.apple.com/en-us/HT213492 - Release Notes, Vendor Advisory | |
References | (MISC) https://support.apple.com/en-us/HT213490 - Release Notes, Vendor Advisory | |
References | (MISC) https://support.apple.com/en-us/HT213491 - Release Notes, Vendor Advisory | |
References | (MISC) https://support.apple.com/en-us/HT213489 - Release Notes, Vendor Advisory | |
References | (MISC) https://support.apple.com/en-us/HT213488 - Release Notes, Vendor Advisory | |
CWE | NVD-CWE-noinfo | |
First Time |
Apple macos
Apple iphone Os Apple Apple tvos Apple watchos Apple ipados |
01 Nov 2022, 20:17
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-11-01 20:15
Updated : 2023-12-10 14:35
NVD link : CVE-2022-42801
Mitre link : CVE-2022-42801
CVE.ORG link : CVE-2022-42801
JSON object : View
Products Affected
apple
- iphone_os
- tvos
- ipados
- watchos
- macos
CWE