VARIoT IoT vulnerabilities database

A race condition was addressed with improved locking. This issue is fixed in iOS 16.1 and iPadOS 16, macOS Ventura 13. An app with root privileges may be able to execute arbitrary code with kernel privileges. apple's iPadOS , iOS , macOS There is a race condition vulnerability in.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

This issue was addressed with improved data protection. This issue is fixed in macOS Ventura 13. A user in a privileged network position may be able to track user activity

An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13. An app may be able to disclose kernel memory

A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13. An app may be able to access user-sensitive data

The issue was addressed with additional restrictions on the observability of app states. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS 16, watchOS 9, macOS Monterey 12.6, tvOS 16. A sandboxed app may be able to determine which app is currently using the camera. iOS , macOS , tvOS Unspecified vulnerabilities exist in multiple Apple products.Information may be obtained

A race condition was addressed with improved state handling. This issue is fixed in macOS Ventura 13. An app may be able to modify protected parts of the file system. apple's macOS There is a race condition vulnerability in.Information may be tampered with

The issue was addressed with improved memory handling. This issue is fixed in iOS 16, macOS Ventura 13. An app may be able to execute arbitrary code with kernel privileges. apple's iOS and macOS Exists in unspecified vulnerabilities.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2022-10-27-3 Additional information for APPLE-SA-2022-09-12-1 iOS 16 iOS 16 addresses the following issues. Information about the security content is also available at https://support.apple.com/HT213446. Accelerate Framework Available for: iPhone 8 and later Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: A memory consumption issue was addressed with improved memory handling. CVE-2022-42795: ryuzaki Entry added October 27, 2022 AppleAVD Available for: iPhone 8 and later Impact: An app may be able to cause a denial-of-service Description: A memory corruption issue was addressed with improved state management. CVE-2022-32827: Antonio Zekic (@antoniozekic), Natalie Silvanovich of Google Project Zero, and an anonymous researcher Entry added October 27, 2022 AppleAVD Available for: iPhone 8 and later Impact: An app may be able to execute arbitrary code with kernel privileges Description: This issue was addressed with improved checks. CVE-2022-32907: Natalie Silvanovich of Google Project Zero, Antonio Zekic (@antoniozekic) and John Aakerblom (@jaakerblom), ABC Research s.r.o, Yinyi Wu, Tommaso Bianco (@cutesmilee__) Entry added October 27, 2022 Apple Neural Engine Available for: iPhone 8 and later Impact: An app may be able to leak sensitive kernel state Description: The issue was addressed with improved memory handling. CVE-2022-32858: Mohamed Ghannam (@_simo36) Entry added October 27, 2022 Apple Neural Engine Available for: iPhone 8 and later Impact: An app may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved memory handling. CVE-2022-32898: Mohamed Ghannam (@_simo36) CVE-2022-32899: Mohamed Ghannam (@_simo36) CVE-2022-32889: Mohamed Ghannam (@_simo36) Entry added October 27, 2022 Apple TV Available for: iPhone 8 and later Impact: An app may be able to access user-sensitive data Description: The issue was addressed with improved handling of caches. CVE-2022-32909: Csaba Fitzl (@theevilbit) of Offensive Security Entry added October 27, 2022 Contacts Available for: iPhone 8 and later Impact: An app may be able to bypass Privacy preferences Description: This issue was addressed with improved checks. CVE-2022-32854: Holger Fuhrmannek of Deutsche Telekom Security Crash Reporter Available for: iPhone 8 and later Impact: A user with physical access to an iOS device may be able to read past diagnostic logs Description: This issue was addressed with improved data protection. CVE-2022-32867: Kshitij Kumar and Jai Musunuri of Crowdstrike Entry added October 27, 2022 DriverKit Available for: iPhone 8 and later Impact: An app may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved memory handling. CVE-2022-32865: Linus Henze of Pinauten GmbH (pinauten.de) Entry added October 27, 2022 Exchange Available for: iPhone 8 and later Impact: A user in a privileged network position may be able to intercept mail credentials Description: A logic issue was addressed with improved restrictions. CVE-2022-32928: an anonymous researcher Entry added October 27, 2022 GPU Drivers Available for: iPhone 8 and later Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved state management. CVE-2022-26744: an anonymous researcher Entry added October 27, 2022 GPU Drivers Available for: iPhone 8 and later Impact: An app may be able to execute arbitrary code with kernel privileges Description: A use after free issue was addressed with improved memory management. CVE-2022-32903: an anonymous researcher Entry added October 27, 2022 ImageIO Available for: iPhone 8 and later Impact: Processing an image may lead to a denial-of-service Description: A denial-of-service issue was addressed with improved validation. CVE-2022-1622 Entry added October 27, 2022 Image Processing Available for: iPhone 8 and later Impact: A sandboxed app may be able to determine which app is currently using the camera Description: The issue was addressed with additional restrictions on the observability of app states. CVE-2022-32866: Linus Henze of Pinauten GmbH (pinauten.de) CVE-2022-32911: Zweig of Kunlun Lab Entry updated October 27, 2022 Kernel Available for: iPhone 8 and later Impact: An app may be able to disclose kernel memory Description: The issue was addressed with improved memory handling. CVE-2022-32917: an anonymous researcher Maps Available for: iPhone 8 and later Impact: An app may be able to read sensitive location information Description: A logic issue was addressed with improved restrictions. CVE-2022-32883: Ron Masas, breakpointhq.com MediaLibrary Available for: iPhone 8 and later Impact: A user may be able to elevate privileges Description: A memory corruption issue was addressed with improved input validation. CVE-2022-32908: an anonymous researcher Notifications Available for: iPhone 8 and later Impact: A user with physical access to a device may be able to access contacts from the lock screen Description: A logic issue was addressed with improved state management. CVE-2022-32879: Ubeydullah Sümer Entry added October 27, 2022 Photos Available for: iPhone 8 and later Impact: An app may be able to bypass Privacy preferences Description: This issue was addressed with improved data protection. CVE-2022-32918: an anonymous researcher, Jugal Goradia of Aastha Technologies, Srijan Shivam Mishra of The Hack Report, Evan Ricafort (evanricafort.com) of Invalid Web Security, Amod Raghunath Patwardhan of Pune, India, Ashwani Rajput of Nagarro Software Pvt. Ltd Entry added October 27, 2022 Safari Available for: iPhone 8 and later Impact: Visiting a malicious website may lead to address bar spoofing Description: This issue was addressed with improved checks. CVE-2022-32795: Narendra Bhati of Suma Soft Pvt. Ltd. Pune (India) @imnarendrabhati Safari Extensions Available for: iPhone 8 and later Impact: A website may be able to track users through Safari web extensions Description: A logic issue was addressed with improved state management. WebKit Bugzilla: 242278 CVE-2022-32868: Michael Sandbox Available for: iPhone 8 and later Impact: An app may be able to modify protected parts of the file system Description: A logic issue was addressed with improved restrictions. CVE-2022-32881: Csaba Fitzl (@theevilbit) of Offensive Security Entry added October 27, 2022 Security Available for: iPhone 8 and later Impact: An app may be able to bypass code signing checks Description: An issue in code signature validation was addressed with improved checks. CVE-2022-42793: Linus Henze of Pinauten GmbH (pinauten.de) Entry added October 27, 2022 Shortcuts Available for: iPhone 8 and later Impact: A person with physical access to an iOS device may be able to access photos from the lock screen Description: A logic issue was addressed with improved restrictions. CVE-2022-32872: Elite Tech Guru Sidecar Available for: iPhone 8 and later Impact: A user may be able to view restricted content from the lock screen Description: A logic issue was addressed with improved state management. CVE-2022-42790: Om kothawade of Zaprico Digital Entry added October 27, 2022 Siri Available for: iPhone 8 and later Impact: A user with physical access to a device may be able to use Siri to obtain some call history information Description: A logic issue was addressed with improved state management. CVE-2022-32870: Andrew Goldberg of The McCombs School of Business, The University of Texas at Austin (linkedin.com/andrew-goldberg-/) Entry added October 27, 2022 SQLite Available for: iPhone 8 and later Impact: A remote user may be able to cause a denial-of-service Description: This issue was addressed with improved checks. CVE-2021-36690 Entry added October 27, 2022 Time Zone Available for: iPhone 8 and later Impact: Deleted contacts may still appear in spotlight search results Description: A logic issue was addressed with improved state management. CVE-2022-32859 Entry added October 27, 2022 Watch app Available for: iPhone 8 and later Impact: An app may be able to read a persistent device identifier Description: This issue was addressed with improved entitlements. CVE-2022-32835: Guilherme Rambo of Best Buddy Apps (rambo.codes) Entry added October 27, 2022 Weather Available for: iPhone 8 and later Impact: An app may be able to read sensitive location information Description: A logic issue was addressed with improved state management. CVE-2022-32875: an anonymous researcher Entry added October 27, 2022 WebKit Available for: iPhone 8 and later Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: An out-of-bounds write issue was addressed with improved bounds checking. WebKit Bugzilla: 242047 CVE-2022-32888: P1umer (@p1umer) Entry added October 27, 2022 WebKit Available for: iPhone 8 and later Impact: Visiting a website that frames malicious content may lead to UI spoofing Description: The issue was addressed with improved UI handling. WebKit Bugzilla: 243236 CVE-2022-32891: @real_as3617, and an anonymous researcher Entry added October 27, 2022 WebKit Available for: iPhone 8 and later Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A buffer overflow issue was addressed with improved memory handling. WebKit Bugzilla: 241969 CVE-2022-32886: P1umer, afang5472, xmzyshypnc WebKit Available for: iPhone 8 and later Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: An out-of-bounds read was addressed with improved bounds checking. WebKit Bugzilla: 242762 CVE-2022-32912: Jeonghoon Shin (@singi21a) at Theori working with Trend Micro Zero Day Initiative WebKit Sandboxing Available for: iPhone 8 and later Impact: A sandboxed process may be able to circumvent sandbox restrictions Description: An access issue was addressed with improvements to the sandbox. WebKit Bugzilla: 243181 CVE-2022-32892: @18楼梦想改造家 and @jq0904 of DBAppSecurity's WeBin lab Entry added October 27, 2022 Wi-Fi Available for: iPhone 8 and later Impact: An app may be able to cause unexpected system termination or write kernel memory Description: An out-of-bounds write issue was addressed with improved bounds checking. CVE-2022-32925: Wang Yu of Cyberserval Entry added October 27, 2022 Additional recognition AirDrop We would like to acknowledge Alexander Heinrich, Milan Stute, and Christian Weinert of Technical University of Darmstadt for their assistance. Entry added October 27, 2022 AppleCredentialManager We would like to acknowledge @jonathandata1 for their assistance. Entry added October 27, 2022 Calendar UI We would like to acknowledge Abhay Kailasia (@abhay_kailasia) of Lakshmi Narain College Of Technology Bhopal for their assistance. Entry added October 27, 2022 FaceTime We would like to acknowledge an anonymous researcher for their assistance. Entry added October 27, 2022 Find My We would like to acknowledge an anonymous researcher for their assistance. Entry added October 27, 2022 Game Center We would like to acknowledge Joshua Jones for their assistance. iCloud We would like to acknowledge Bülent Aytulun, and an anonymous researcher for their assistance. Entry added October 27, 2022 Identity Services We would like to acknowledge Joshua Jones for their assistance. Kernel We would like to acknowledge Pan ZhenPeng(@Peterpan0927), Tingting Yin of Tsinghua University, and Min Zheng of Ant Group, and an anonymous researcher for their assistance. Entry added October 27, 2022 Mail We would like to acknowledge an anonymous researcher for their assistance. Entry added October 27, 2022 Notes We would like to acknowledge Edward Riley of Iron Cloud Limited (ironclouduk.com) for their assistance. Entry added October 27, 2022 Photo Booth We would like to acknowledge Prashanth Kannan of Dremio for their assistance. Entry added October 27, 2022 Sandbox We would like to acknowledge Csaba Fitzl (@theevilbit) of Offensive Security for their assistance. Entry added October 27, 2022 Shortcuts We would like to acknowledge Shay Dror for their assistance. Entry added October 27, 2022 SOS We would like to acknowledge Xianfeng Lu and Lei Ai of OPPO Amber Security Lab for their assistance. Entry added October 27, 2022 UIKit We would like to acknowledge Aleczander Ewing, Simon de Vegt, and an anonymous researcher for their assistance. Entry added October 27, 2022 WebKit We would like to acknowledge an anonymous researcher for their assistance. Entry added October 27, 2022 WebRTC We would like to acknowledge an anonymous researcher for their assistance. Entry added October 27, 2022 This update is available through iTunes and Software Update on your iOS device, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an Internet connection and have installed the latest version of iTunes from https://www.apple.com/itunes/ iTunes and Software Update on the device will automatically check Apple's update server on its weekly schedule. When an update is detected, it is downloaded and the option to be installed is presented to the user when the iOS device is docked. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iOS device. The automatic update process may take up to a week depending on the day that iTunes or the device checks for updates. You may manually obtain the update via the Check for Updates button within iTunes, or the Software Update on your device. To check that the iPhone, iPod touch, or iPad has been updated: * Navigate to Settings * Select General * Select About. The version after applying this update will be "iOS 16". All information is also posted on the Apple Security Updates web site: https://support.apple.com/en-us/HT201222. This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEBP+4DupqR5Sgt1DB4RjMIDkeNxkFAmNbKpoACgkQ4RjMIDke NxkQ8w/9FMTP02t/AKe0nXZ44UhfMLy7Sx88gpWRHaWKZtdjPADC2kxx1RbVSvrC C5nB6bw2zGppE1V284QitcNG9WrGGTINK6Knshv0PCkWLZnh1sYqX2bYbKmY6Ol7 K+lRk6zicF3k7KcCZRly6UuJ8RvfPpa2wKuVVv5FBPM8bPRuovVRiRxGUWuO7emM ZXyp4n5u+GldW8n8hRK/jxwGGwrKqFmXL9Ecd79I2/4uYmEx6tmoAYuEZs26BfjK Etd1F54PlewmyUKvVlWiwLhpVgygRqkmvW+jKwX46gBzwHFK88B9IV6wf8ZD5JaU Ur+nqEjiqmbYdcfV8pu64eRNnlTiCmD/ehJg8sNG38m9SeqOw3ZNVaQ8+sgoXwsp rpsPDPsXmPqqadxERe7LwLXSm4KtTARdGbEffHAA5eqc+U0ja2u3piqk8ZKTrC6K tORrDjSkKx9AILbds99Wzbnb1rfF/09N1+LPQT7Ac8PCA/kE+XQ+nmSDoInh8PTU rFt3ZW9Ud0q6Y2Ix11WYrb6wOqs/vafaW5zXTnNfgKNvw2zO/9yKYhaqIjlGtLSJ Og/O1sdcPMPisBGQynF7Dj42riQD5RQGbB/GmfgRqUHFXwcWJxFRblkwUxbjuEaR nYRj90cDbUE2wmsE4y4uFfCVpKTQCQCKXuSuBkOQje0KjTDHWac= =I+iq -----END PGP SIGNATURE-----

The issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, macOS Monterey 12.6. A remote user may be able to cause kernel code execution

A memory corruption issue existed in the processing of ICC profiles. This issue was addressed with improved input validation. This issue is fixed in macOS Ventura 13. Processing a maliciously crafted image may lead to arbitrary code execution. apple's macOS Exists in an out-of-bounds write vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

This issue was addressed by removing the vulnerable code. This issue is fixed in iOS 15.7 and iPadOS 15.7, macOS Ventura 13. An app may be able to gain elevated privileges

This issue was addressed with improved data protection. This issue is fixed in macOS Big Sur 11.7.1, macOS Ventura 13, macOS Monterey 12.6.1. An app with root privileges may be able to access private information. apple's macOS Exists in unspecified vulnerabilities.Information may be obtained. Apple macOS Monterey is the eighteenth major release of Apple's Macintosh desktop operating system, macOS. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2022-10-27-6 Additional information for APPLE-SA-2022-10-24-3 macOS Monterey 12.6.1 macOS Monterey 12.6.1 addresses the following issues. Information about the security content is also available at https://support.apple.com/HT213494. AppleMobileFileIntegrity Available for: macOS Monterey Impact: An app may be able to modify protected parts of the file system Description: This issue was addressed by removing additional entitlements. CVE-2022-42825: Mickey Jin (@patch1t) Audio Available for: macOS Monterey Impact: Parsing a maliciously crafted audio file may lead to disclosure of user information Description: The issue was addressed with improved memory handling. CVE-2022-42798: Anonymous working with Trend Micro Zero Day Initiative Entry added October 27, 2022 Kernel Available for: macOS Monterey Impact: An app may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved state management. CVE-2022-32944: Tim Michaud (@TimGMichaud) of Moveworks.ai Entry added October 27, 2022 Kernel Available for: macOS Monterey Impact: An app may be able to execute arbitrary code with kernel privileges Description: A race condition was addressed with improved locking. CVE-2022-42803: Xinru Chi of Pangu Lab, John Aakerblom (@jaakerblom) Entry added October 27, 2022 Kernel Available for: macOS Monterey Impact: An app may be able to execute arbitrary code with kernel privileges Description: A logic issue was addressed with improved checks. CVE-2022-42801: Ian Beer of Google Project Zero Entry added October 27, 2022 ppp Available for: macOS Monterey Impact: A buffer overflow may result in arbitrary code execution Description: The issue was addressed with improved bounds checks. CVE-2022-32941: an anonymous researcher Entry added October 27, 2022 Ruby Available for: macOS Monterey Impact: A remote user may be able to cause unexpected app termination or arbitrary code execution Description: A memory corruption issue was addressed by updating Ruby to version 2.6.10. CVE-2022-32862: an anonymous researcher zlib Available for: macOS Monterey Impact: A user may be able to cause unexpected app termination or arbitrary code execution Description: This issue was addressed with improved checks. CVE-2022-37434: Evgeny Legerov CVE-2022-42800: Evgeny Legerov Entry added October 27, 2022 Additional recognition Calendar We would like to acknowledge an anonymous researcher for their assistance. macOS Monterey 12.6.1 may be obtained from the Mac App Store or Apple's Software Downloads web site: https://support.apple.com/downloads/ All information is also posted on the Apple Security Updates web site: https://support.apple.com/en-us/HT201222. This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEBP+4DupqR5Sgt1DB4RjMIDkeNxkFAmNbKpgACgkQ4RjMIDke NxkmrA//QkiOI5QLiYQv5mGLd0ATWIuBRLVgzxTZY1iguC1IUlDXExGXPd9FeS/n M7kFNZ/tp1i/XgHogq6d+kyBxZSlM+Jp2TfTBr4H/3I3xzFSx4fwEqqmBYiG8XSR DXWKJCcbmYLdQGgHUcKHTMtSWsjRWJjIm88+lJMGdeQGo6NzqcsCKs0Tprf85Noq nr0YTzPAUURmZtrivSLXtpek7S4E1MhzJZZ4IXjI7FiHHzFg7KnlBkESrAamLHgz ephVZA7BsRDZtb5fh10+t7Ky42SIuy5TMd9UU4viNxd/mn6NP2N4shd95ywcrR5/ o6ywAHQxnkL3apOi0BVcwyR9PzrOxkzhZj74iEwgGu/hci1HvwHHPFUkErPqRO1f m1MAz3Q3E+0cXTmjnxZzmrqFgXRauyLaxXNyCMlQVNPw/YBKQLHiaZnbBmt00k0j f++ahogNR07V9LfcZ4YZnK3P5jN20/KNUhtouT/V9mS66lbWz+oQdiRJCVHuW2Ur UkNbgc6mBFq81t3vhWrJlv158OLogWykFzTdPUbJvJw61AKXO/BxNZjv53XL1+D1 2NqnribpyIluIZxwYIo5HVYEMKYLObhcZJDVFXR2gue9hgwEENtiY7SpwOwo+GvE kFAs/FBoLs6cCxATcYCxxuhXG7MYzkjNLPCexskSY7zncFiTHyM= =Fcqo -----END PGP SIGNATURE-----

A logic issue was addressed with improved state management. This issue is fixed in tvOS 16.1, macOS Ventura 13, watchOS 9.1, Safari 16.1, iOS 16.1 and iPadOS 16. Processing maliciously crafted web content may disclose sensitive user information. Both Apple macOS Big Sur and Apple macOS Monterey are products of Apple Inc. in the United States. Apple macOS Big Sur is the 17th major release of Apple's operating system macOS for the MAC. Apple macOS Monterey is the 18th major release of macOS, the desktop operating system for the Macintosh. Apple macOS Big Sur and macOS Monterey have security flaws. Safari 16.1 may be obtained from the Mac App Store. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 - ------------------------------------------------------------------------- Debian Security Advisory DSA-5273-1 security@debian.org https://www.debian.org/security/ Alberto Garcia November 08, 2022 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : webkit2gtk CVE ID : CVE-2022-42799 CVE-2022-42823 CVE-2022-42824 The following vulnerabilities have been discovered in the WebKitGTK web engine: CVE-2022-42799 Jihwan Kim and Dohyun Lee discovered that visiting a malicious website may lead to user interface spoofing. For the stable distribution (bullseye), these problems have been fixed in version 2.38.2-1~deb11u1. We recommend that you upgrade your webkit2gtk packages. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2022-10-24-5 watchOS 9.1 watchOS 9.1 addresses the following issues. Information about the security content is also available at https://support.apple.com/HT213491. AppleMobileFileIntegrity Available for: Apple Watch Series 4 and later Impact: An app may be able to modify protected parts of the file system Description: This issue was addressed by removing additional entitlements. CVE-2022-42825: Mickey Jin (@patch1t) AVEVideoEncoder Available for: Apple Watch Series 4 and later Impact: An app may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved bounds checks. CVE-2022-32940: ABC Research s.r.o. CFNetwork Available for: Apple Watch Series 4 and later Impact: Processing a maliciously crafted certificate may lead to arbitrary code execution Description: A certificate validation issue existed in the handling of WKWebView. CVE-2022-42813: Jonathan Zhang of Open Computing Facility (ocf.berkeley.edu) GPU Drivers Available for: Apple Watch Series 4 and later Impact: An app may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved memory handling. CVE-2022-32947: Asahi Lina (@LinaAsahi) Kernel Available for: Apple Watch Series 4 and later Impact: An app may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved memory handling. CVE-2022-32924: Ian Beer of Google Project Zero Kernel Available for: Apple Watch Series 4 and later Impact: A remote user may be able to cause kernel code execution Description: An out-of-bounds write issue was addressed with improved bounds checking. CVE-2022-42808: Zweig of Kunlun Lab Sandbox Available for: Apple Watch Series 4 and later Impact: An app may be able to access user-sensitive data Description: An access issue was addressed with additional sandbox restrictions. CVE-2022-42811: Justin Bui (@slyd0g) of Snowflake WebKit Available for: Apple Watch Series 4 and later Impact: Visiting a malicious website may lead to user interface spoofing Description: The issue was addressed with improved UI handling. WebKit Bugzilla: 243693 CVE-2022-42799: Jihwan Kim (@gPayl0ad), Dohyun Lee (@l33d0hyun) WebKit Available for: Apple Watch Series 4 and later Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A type confusion issue was addressed with improved memory handling. WebKit Bugzilla: 245058 CVE-2022-42824: Abdulrahman Alqabandi of Microsoft Browser Vulnerability Research, Ryan Shin of IAAI SecLab at Korea University, Dohyun Lee (@l33d0hyun) of DNSLab at Korea University Additional recognition iCloud We would like to acknowledge Tim Michaud (@TimGMichaud) of Moveworks.ai for their assistance. Kernel We would like to acknowledge Peter Nguyen of STAR Labs, Tim Michaud (@TimGMichaud) of Moveworks.ai, Tommy Muir (@Muirey03) for their assistance. WebKit We would like to acknowledge Maddie Stone of Google Project Zero, Narendra Bhati (@imnarendrabhati) of Suma Soft Pvt. Ltd., an anonymous researcher for their assistance. Instructions on how to update your Apple Watch software are available at https://support.apple.com/kb/HT204641 To check the version on your Apple Watch, open the Apple Watch app on your iPhone and select "My Watch > General > About". Alternatively, on your watch, select "My Watch > General > About". All information is also posted on the Apple Security Updates web site: https://support.apple.com/en-us/HT201222. This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEBP+4DupqR5Sgt1DB4RjMIDkeNxkFAmNW12IACgkQ4RjMIDke NxmiOw/7BsLUQ4r68XAaamGxUYszLltIfM+9uvHuE6J4/OI+tcAVzHnwZvBYK7AA rT6R8L3wXjIfwvSmWSkkwPVQDaAmyldy/d6ws487f6acXUPIAEfk+jXf7PcfPIaC 6X4bmzjlBXWX7S/UEw7FNSn63oKQJL7bEBgphzZEbCn17gGks6bH5gya0POV9Eol ZaCxoWxOICPjIaOu6hXdh2ehH7P4Nd+U0IKKJ/G/Ig0uV8utqYVrQ/Ant71Rzssd jvgE9wHNnJDExBdmOQUkHA9QqzRizX3NRKTJl7L2DUYNo6mX9F3U06xE5i98wSmu a3aQGKNlQOx8kDlUcngkuggz5JM7ZMxfxJKx/RwZSX2Vj2n6lKrZXxOr99IG+xFu kSKOWPJCe15RBUhJK94WJouSquTzi8dFdrTN69aK3PDWOAmghLP7r945/KHz+FEe vr/CqzzoKMES9GRQAa+kii0AqXbyChU+3QzhxfOM1qsuqgZOGQRenscxKhvKLALS 3/doQB8TmsD9WYZORegqTHpWtes1Aw7R/O6SxOzf1t08wF6JVfRy7wIvMAjirCCW ybI+2YM5I49/r4ubut06a/twGbOd2A6IPrOAObt9eq4x9ZmbMez4S79L4lo9falQ X0Yak1k4beRY5oKTKEpbd4fhSv3Tw1UIsRxOPWRjlcPLxGt6m6U= =PO6h -----END PGP SIGNATURE----- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Important: webkit2gtk3 security and bug fix update Advisory ID: RHSA-2023:2256-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2023:2256 Issue date: 2023-05-09 CVE Names: CVE-2022-32886 CVE-2022-32888 CVE-2022-32923 CVE-2022-42799 CVE-2022-42823 CVE-2022-42824 CVE-2022-42826 CVE-2022-42852 CVE-2022-42863 CVE-2022-42867 CVE-2022-46691 CVE-2022-46692 CVE-2022-46698 CVE-2022-46699 CVE-2022-46700 CVE-2023-23517 CVE-2023-23518 CVE-2023-25358 CVE-2023-25360 CVE-2023-25361 CVE-2023-25362 CVE-2023-25363 ==================================================================== 1. Summary: An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux AppStream (v. 9) - aarch64, ppc64le, s390x, x86_64 3. Description: WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.2 Release Notes linked from the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Package List: Red Hat Enterprise Linux AppStream (v. 9): Source: webkit2gtk3-2.38.5-1.el9.src.rpm aarch64: webkit2gtk3-2.38.5-1.el9.aarch64.rpm webkit2gtk3-debuginfo-2.38.5-1.el9.aarch64.rpm webkit2gtk3-debugsource-2.38.5-1.el9.aarch64.rpm webkit2gtk3-devel-2.38.5-1.el9.aarch64.rpm webkit2gtk3-devel-debuginfo-2.38.5-1.el9.aarch64.rpm webkit2gtk3-jsc-2.38.5-1.el9.aarch64.rpm webkit2gtk3-jsc-debuginfo-2.38.5-1.el9.aarch64.rpm webkit2gtk3-jsc-devel-2.38.5-1.el9.aarch64.rpm webkit2gtk3-jsc-devel-debuginfo-2.38.5-1.el9.aarch64.rpm ppc64le: webkit2gtk3-2.38.5-1.el9.ppc64le.rpm webkit2gtk3-debuginfo-2.38.5-1.el9.ppc64le.rpm webkit2gtk3-debugsource-2.38.5-1.el9.ppc64le.rpm webkit2gtk3-devel-2.38.5-1.el9.ppc64le.rpm webkit2gtk3-devel-debuginfo-2.38.5-1.el9.ppc64le.rpm webkit2gtk3-jsc-2.38.5-1.el9.ppc64le.rpm webkit2gtk3-jsc-debuginfo-2.38.5-1.el9.ppc64le.rpm webkit2gtk3-jsc-devel-2.38.5-1.el9.ppc64le.rpm webkit2gtk3-jsc-devel-debuginfo-2.38.5-1.el9.ppc64le.rpm s390x: webkit2gtk3-2.38.5-1.el9.s390x.rpm webkit2gtk3-debuginfo-2.38.5-1.el9.s390x.rpm webkit2gtk3-debugsource-2.38.5-1.el9.s390x.rpm webkit2gtk3-devel-2.38.5-1.el9.s390x.rpm webkit2gtk3-devel-debuginfo-2.38.5-1.el9.s390x.rpm webkit2gtk3-jsc-2.38.5-1.el9.s390x.rpm webkit2gtk3-jsc-debuginfo-2.38.5-1.el9.s390x.rpm webkit2gtk3-jsc-devel-2.38.5-1.el9.s390x.rpm webkit2gtk3-jsc-devel-debuginfo-2.38.5-1.el9.s390x.rpm x86_64: webkit2gtk3-2.38.5-1.el9.i686.rpm webkit2gtk3-2.38.5-1.el9.x86_64.rpm webkit2gtk3-debuginfo-2.38.5-1.el9.i686.rpm webkit2gtk3-debuginfo-2.38.5-1.el9.x86_64.rpm webkit2gtk3-debugsource-2.38.5-1.el9.i686.rpm webkit2gtk3-debugsource-2.38.5-1.el9.x86_64.rpm webkit2gtk3-devel-2.38.5-1.el9.i686.rpm webkit2gtk3-devel-2.38.5-1.el9.x86_64.rpm webkit2gtk3-devel-debuginfo-2.38.5-1.el9.i686.rpm webkit2gtk3-devel-debuginfo-2.38.5-1.el9.x86_64.rpm webkit2gtk3-jsc-2.38.5-1.el9.i686.rpm webkit2gtk3-jsc-2.38.5-1.el9.x86_64.rpm webkit2gtk3-jsc-debuginfo-2.38.5-1.el9.i686.rpm webkit2gtk3-jsc-debuginfo-2.38.5-1.el9.x86_64.rpm webkit2gtk3-jsc-devel-2.38.5-1.el9.i686.rpm webkit2gtk3-jsc-devel-2.38.5-1.el9.x86_64.rpm webkit2gtk3-jsc-devel-debuginfo-2.38.5-1.el9.i686.rpm webkit2gtk3-jsc-devel-debuginfo-2.38.5-1.el9.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2022-32886 https://access.redhat.com/security/cve/CVE-2022-32888 https://access.redhat.com/security/cve/CVE-2022-32923 https://access.redhat.com/security/cve/CVE-2022-42799 https://access.redhat.com/security/cve/CVE-2022-42823 https://access.redhat.com/security/cve/CVE-2022-42824 https://access.redhat.com/security/cve/CVE-2022-42826 https://access.redhat.com/security/cve/CVE-2022-42852 https://access.redhat.com/security/cve/CVE-2022-42863 https://access.redhat.com/security/cve/CVE-2022-42867 https://access.redhat.com/security/cve/CVE-2022-46691 https://access.redhat.com/security/cve/CVE-2022-46692 https://access.redhat.com/security/cve/CVE-2022-46698 https://access.redhat.com/security/cve/CVE-2022-46699 https://access.redhat.com/security/cve/CVE-2022-46700 https://access.redhat.com/security/cve/CVE-2023-23517 https://access.redhat.com/security/cve/CVE-2023-23518 https://access.redhat.com/security/cve/CVE-2023-25358 https://access.redhat.com/security/cve/CVE-2023-25360 https://access.redhat.com/security/cve/CVE-2023-25361 https://access.redhat.com/security/cve/CVE-2023-25362 https://access.redhat.com/security/cve/CVE-2023-25363 https://access.redhat.com/security/updates/classification/#important https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/9.2_release_notes/index 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2023 Red Hat, Inc

A type confusion issue was addressed with improved checks. This issue is fixed in macOS Ventura 13. An app may be able to execute arbitrary code with kernel privileges. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2023-01-23-5 macOS Monterey 12.6.3 macOS Monterey 12.6.3 addresses the following issues. Information about the security content is also available at https://support.apple.com/HT213604. AppleMobileFileIntegrity Available for: macOS Monterey Impact: An app may be able to access user-sensitive data Description: This issue was addressed by enabling hardened runtime. CVE-2023-23499: Wojciech Reguła (@_r3ggi) of SecuRing (wojciechregula.blog) curl Available for: macOS Monterey Impact: Multiple issues in curl Description: Multiple issues were addressed by updating to curl version 7.86.0. CVE-2022-42915 CVE-2022-42916 CVE-2022-32221 CVE-2022-35260 curl Available for: macOS Monterey Impact: Multiple issues in curl Description: Multiple issues were addressed by updating to curl version 7.85.0. CVE-2022-35252 dcerpc Available for: macOS Monterey Impact: Mounting a maliciously crafted Samba network share may lead to arbitrary code execution Description: A buffer overflow issue was addressed with improved memory handling. CVE-2023-23513: Dimitrios Tatsis and Aleksandar Nikolic of Cisco Talos DiskArbitration Available for: macOS Monterey Impact: An encrypted volume may be unmounted and remounted by a different user without prompting for the password Description: A logic issue was addressed with improved state management. CVE-2022-32915: Tommy Muir (@Muirey03) Intel Graphics Driver Available for: macOS Monterey Impact: An app may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved bounds checks. CVE-2023-23504: Adam Doupé of ASU SEFCOM Kernel Available for: macOS Monterey Impact: An app may be able to determine kernel memory layout Description: An information disclosure issue was addressed by removing the vulnerable code. CVE-2023-23502: Pan ZhenPeng (@Peterpan0927) of STAR Labs SG Pte. Ltd. (@starlabs_sg) PackageKit Available for: macOS Monterey Impact: An app may be able to gain root privileges Description: A logic issue was addressed with improved state management. CVE-2023-23497: Mickey Jin (@patch1t) Screen Time Available for: macOS Monterey Impact: An app may be able to access information about a user’s contacts Description: A privacy issue was addressed with improved private data redaction for log entries. CVE-2023-23505: Wojciech Regula of SecuRing (wojciechregula.blog) Weather Available for: macOS Monterey Impact: An app may be able to bypass Privacy preferences Description: The issue was addressed with improved memory handling. CVE-2023-23511: Wojciech Regula of SecuRing (wojciechregula.blog), an anonymous researcher WebKit Available for: macOS Monterey Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: The issue was addressed with improved memory handling. WebKit Bugzilla: 248268 CVE-2023-23518: YeongHyeon Choi (@hyeon101010), Hyeon Park (@tree_segment), SeOk JEON (@_seokjeon), YoungSung Ahn (@_ZeroSung), JunSeo Bae (@snakebjs0107), Dohyun Lee (@l33d0hyun) of Team ApplePIE WebKit Bugzilla: 248268 CVE-2023-23517: YeongHyeon Choi (@hyeon101010), Hyeon Park (@tree_segment), SeOk JEON (@_seokjeon), YoungSung Ahn (@_ZeroSung), JunSeo Bae (@snakebjs0107), Dohyun Lee (@l33d0hyun) of Team ApplePIE Windows Installer Available for: macOS Monterey Impact: An app may be able to bypass Privacy preferences Description: The issue was addressed with improved memory handling. CVE-2023-23508: Mickey Jin (@patch1t) Additional recognition Kernel We would like to acknowledge Nick Stenning of Replicate for their assistance. macOS Monterey 12.6.3 may be obtained from the Mac App Store or Apple's Software Downloads web site: https://support.apple.com/downloads/ All information is also posted on the Apple Security Updates web site: https://support.apple.com/en-us/HT201222. This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEBP+4DupqR5Sgt1DB4RjMIDkeNxkFAmPPIl8ACgkQ4RjMIDke NxlXeg/+JwvCu4zHuDTptxkKw1gxht0hTTVJvNjgNWj2XFtnOz9kCIupGj/xPTMl P9vABQWRbpEJfCJE31FbUcxRCMcr/jm8dDb1ocx4qsGLlY5iGLQ/M1G6OLxQVajg gGaCSMjW9Zk7l7sXztKj4XcirsB3ft9tiRJwgPUE0znaT70970usFdg+q95CzODm DHVoa5VNLi0zA4178CIiq4WayAZe90cRYYQQ1+Okjhab/U/blfGgEPhA/rrdjQ85 J4NKTXyGBIWl+Ix4HpLikYpnwm/TKyYiY+MogZ6xUmFwnUgXkPCc4gYdPANQk064 KNjy90yq3Os9IBjfDpw+Pqs6I3GMZ0oNYUKWO+45/0NVp5/qjDFt5K7ZS+Xz5Py7 YrodbwaYiESzsdfLja9ILf8X7taDLHxxfHEvWcXnhcMD1XNKU6mpsb8SOLicWYzp 8maZarjhzQl3dQi4Kz3vQk0hKHTIE6/04fRdDpqhM9WXljayLLO7bsryW8u98Y/b fR3BXgfsll+QjdLDeW3nfuY+q2JsW0a2lhJZnxuRQPC+wUGDoCY7vcCbv8zkx0oo y1w8VDBdUjj7vyVSAqoZNlpgl1ebKgciVhTvrgTsyVxuOA94VzDCeI5/6RkjDAJ+ WL2Em8qc4aqXvGEwimKdNkETbyqIRcNVXWhXLVGLsmHvDViVjGQ= =BbMS -----END PGP SIGNATURE-----

TOTOLINK T8 is a wireless dual-band router from China TOTOLINK. TOTOLINK T8 has a buffer overflow vulnerability that can be exploited by an attacker to cause a denial of service.

A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13, iOS 16, iOS 15.7 and iPadOS 15.7, watchOS 9, tvOS 16. A user with physical access to a device may be able to access contacts from the lock screen. iPadOS , iOS , macOS Unspecified vulnerabilities exist in multiple Apple products.Information may be obtained. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2022-10-27-13 watchOS 9 watchOS 9 addresses the following issues. Information about the security content is also available at https://support.apple.com/HT213486. Accelerate Framework Available for: Apple Watch Series 4 and later Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: A memory consumption issue was addressed with improved memory handling. CVE-2022-42795: ryuzaki AppleAVD Available for: Apple Watch Series 4 and later Impact: An app may be able to execute arbitrary code with kernel privileges Description: This issue was addressed with improved checks. CVE-2022-32907: Natalie Silvanovich of Google Project Zero, Antonio Zekic (@antoniozekic) and John Aakerblom (@jaakerblom), ABC Research s.r.o, Yinyi Wu, Tommaso Bianco (@cutesmilee__) Apple Neural Engine Available for: Apple Watch Series 4 and later Impact: An app may be able to leak sensitive kernel state Description: The issue was addressed with improved memory handling. CVE-2022-32858: Mohamed Ghannam (@_simo36) Apple Neural Engine Available for: Apple Watch Series 4 and later Impact: An app may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved memory handling. CVE-2022-32898: Mohamed Ghannam (@_simo36) CVE-2022-32899: Mohamed Ghannam (@_simo36) CVE-2022-32889: Mohamed Ghannam (@_simo36) Contacts Available for: Apple Watch Series 4 and later Impact: An app may be able to bypass Privacy preferences Description: This issue was addressed with improved checks. CVE-2022-32854: Holger Fuhrmannek of Deutsche Telekom Security Exchange Available for: Apple Watch Series 4 and later Impact: A user in a privileged network position may be able to intercept mail credentials Description: A logic issue was addressed with improved restrictions. CVE-2022-32928: an anonymous researcher GPU Drivers Available for: Apple Watch Series 4 and later Impact: An app may be able to execute arbitrary code with kernel privileges Description: A use after free issue was addressed with improved memory management. CVE-2022-32903: an anonymous researcher ImageIO Available for: Apple Watch Series 4 and later Impact: Processing an image may lead to a denial-of-service Description: A denial-of-service issue was addressed with improved validation. CVE-2022-1622 Image Processing Available for: Apple Watch Series 4 and later Impact: A sandboxed app may be able to determine which app is currently using the camera Description: The issue was addressed with additional restrictions on the observability of app states. CVE-2022-32913: Yiğit Can YILMAZ (@yilmazcanyigit) Kernel Available for: Apple Watch Series 4 and later Impact: An app may be able to disclose kernel memory Description: The issue was addressed with improved memory handling. CVE-2022-32864: Linus Henze of Pinauten GmbH (pinauten.de) Kernel Available for: Apple Watch Series 4 and later Impact: An app may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved memory handling. CVE-2022-32866: Linus Henze of Pinauten GmbH (pinauten.de) CVE-2022-32911: Zweig of Kunlun Lab Kernel Available for: Apple Watch Series 4 and later Impact: An app may be able to execute arbitrary code with kernel privileges Description: A use after free issue was addressed with improved memory management. CVE-2022-32914: Zweig of Kunlun Lab Kernel Available for: Apple Watch Series 4 and later Impact: An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited. CVE-2022-32894: an anonymous researcher Maps Available for: Apple Watch Series 4 and later Impact: An app may be able to read sensitive location information Description: A logic issue was addressed with improved restrictions. CVE-2022-32883: Ron Masas of breakpointhq.com MediaLibrary Available for: Apple Watch Series 4 and later Impact: A user may be able to elevate privileges Description: A memory corruption issue was addressed with improved input validation. CVE-2022-32879: Ubeydullah Sümer Sandbox Available for: Apple Watch Series 4 and later Impact: An app may be able to modify protected parts of the file system Description: A logic issue was addressed with improved restrictions. CVE-2022-32881: Csaba Fitzl (@theevilbit) of Offensive Security Siri Available for: Apple Watch Series 4 and later Impact: A user with physical access to a device may be able to use Siri to obtain some call history information Description: A logic issue was addressed with improved state management. CVE-2022-32870: Andrew Goldberg of The McCombs School of Business, The University of Texas at Austin (linkedin.com/in/andrew-goldberg-/) SQLite Available for: Apple Watch Series 4 and later Impact: A remote user may be able to cause a denial-of-service Description: This issue was addressed with improved checks. CVE-2021-36690 Watch app Available for: Apple Watch Series 4 and later Impact: An app may be able to read a persistent device identifier Description: This issue was addressed with improved entitlements. CVE-2022-32835: Guilherme Rambo of Best Buddy Apps (rambo.codes) Weather Available for: Apple Watch Series 4 and later Impact: An app may be able to read sensitive location information Description: A logic issue was addressed with improved state management. CVE-2022-32875: an anonymous researcher WebKit Available for: Apple Watch Series 4 and later Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A buffer overflow issue was addressed with improved memory handling. WebKit Bugzilla: 241969 CVE-2022-32886: P1umer(@p1umer), afang(@afang5472), xmzyshypnc(@xmzyshypnc1) WebKit Available for: Apple Watch Series 4 and later Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: An out-of-bounds write issue was addressed with improved bounds checking. WebKit Bugzilla: 242047 CVE-2022-32888: P1umer (@p1umer) WebKit Available for: Apple Watch Series 4 and later Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: An out-of-bounds read was addressed with improved bounds checking. WebKit Bugzilla: 242762 CVE-2022-32912: Jeonghoon Shin (@singi21a) at Theori working with Trend Micro Zero Day Initiative WebKit Available for: Apple Watch Series 4 and later Impact: Visiting a website that frames malicious content may lead to UI spoofing Description: The issue was addressed with improved UI handling. WebKit Bugzilla: 243236 CVE-2022-32891: @real_as3617, an anonymous researcher WebKit Available for: Apple Watch Series 4 and later Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. WebKit Bugzilla: 243557 CVE-2022-32893: an anonymous researcher Wi-Fi Available for: Apple Watch Series 4 and later Impact: An app may be able to cause unexpected system termination or write kernel memory Description: An out-of-bounds write issue was addressed with improved bounds checking. CVE-2022-32925: Wang Yu of Cyberserval Additional recognition AppleCredentialManager We would like to acknowledge @jonathandata1 for their assistance. FaceTime We would like to acknowledge an anonymous researcher for their assistance. Kernel We would like to acknowledge an anonymous researcher for their assistance. Mail We would like to acknowledge an anonymous researcher for their assistance. Sandbox We would like to acknowledge Csaba Fitzl (@theevilbit) of Offensive Security for their assistance. UIKit We would like to acknowledge Aleczander Ewing for their assistance. WebKit We would like to acknowledge an anonymous researcher for their assistance. WebRTC We would like to acknowledge an anonymous researcher for their assistance. Instructions on how to update your Apple Watch software are available at https://support.apple.com/kb/HT204641 To check the version on your Apple Watch, open the Apple Watch app on your iPhone and select "My Watch > General > About". Alternatively, on your watch, select "My Watch > General > About". All information is also posted on the Apple Security Updates web site: https://support.apple.com/en-us/HT201222. This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEBP+4DupqR5Sgt1DB4RjMIDkeNxkFAmNbKpMACgkQ4RjMIDke Nxmucg/+L8XHGSij8F6IoUuvCuJ3u1IUfHXE5LK0BafEddVzKS87fct6KP7L3kvE SfdJVCOrmfVImKn3etfpDgwgZoYqF8cxeb9PO7ObVT/15GBBfuAGc+rNZ3oAeWDJ iYFiiWZrDnj9gz6bo0jn4dN9q8/X9iIjUCujPdkrFzXqa+KkVub9wv6/jtJGQA3O YgDIaV0UvcJss0uhJR9GX+A3+4zeJgUiNq2a/1qf1nOFh/O59pbHNWYnHzB91/FE 8V+EJgfxaK/M3zDfonPI9SMa26lO+VJejOnco98of7Kk+yNoOy6xTIkBLLBURMqN Jxz0I3WNxjM5TQ61WzINvd198gqjyac2nVg1S4Gqkekk6VXwmQR5zaqQmzePQqp3 qw+qhICNqFSUJPyIDQwnuCaf1MlfEj57ustS5d8g5M1fNXBlnrtJVpI/CcPIAYvo 7pQZy/6QptmrPp6Lgv6k/Vtxi/H5s8/tHCnhtvczbdpH6lsPmCJlDSdzsK1L8krP 82WcjBulywZWfZ4IBNi52lD+EWlmzHomcYVGQcbd0/1FLE8h5meKCvYxM5ovfk1F PloJY8FQgJ3b+NcTQuTD4dZ7rc+Le5WqqD4EAgYbOKgAD6Fqy47eY8yNcYJw0qXP 5jll4mfHUJe7NHc9frZKrdpH0Cl8o9lRdRPpM+kLqteQlpNOjao= =Ty+V -----END PGP SIGNATURE----- . CVE-2022-32795: Narendra Bhati of Suma Soft Pvt. Ltd. Entry added October 27, 2022 Game Center We would like to acknowledge Joshua Jones for their assistance. Entry added October 27, 2022 This update is available through iTunes and Software Update on your iOS device, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an Internet connection and have installed the latest version of iTunes from https://www.apple.com/itunes/ iTunes and Software Update on the device will automatically check Apple's update server on its weekly schedule. When an update is detected, it is downloaded and the option to be installed is presented to the user when the iOS device is docked. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iOS device. The automatic update process may take up to a week depending on the day that iTunes or the device checks for updates. You may manually obtain the update via the Check for Updates button within iTunes, or the Software Update on your device. To check that the iPhone, iPod touch, or iPad has been updated: * Navigate to Settings * Select General * Select About. The version after applying this update will be "iOS 15.7 and iPadOS 15.7"

A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 16.1 and iPadOS 16, macOS Ventura 13. An app may cause unexpected app termination or arbitrary code execution. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2022-10-24-1 iOS 16.1 and iPadOS 16 iOS 16.1 and iPadOS 16 addresses the following issues. Information about the security content is also available at https://support.apple.com/HT213489. AppleMobileFileIntegrity Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: An app may be able to modify protected parts of the file system Description: This issue was addressed by removing additional entitlements. CVE-2022-42825: Mickey Jin (@patch1t) AVEVideoEncoder Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: An app may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved bounds checks. CVE-2022-32940: ABC Research s.r.o. CFNetwork Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: Processing a maliciously crafted certificate may lead to arbitrary code execution Description: A certificate validation issue existed in the handling of WKWebView. CVE-2022-42813: Jonathan Zhang of Open Computing Facility (ocf.berkeley.edu) Core Bluetooth Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: An app may be able to record audio using a pair of connected AirPods Description: This issue was addressed with improved entitlements. CVE-2022-32946: Guilherme Rambo of Best Buddy Apps (rambo.codes) GPU Drivers Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: An app may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved memory handling. CVE-2022-32947: Asahi Lina (@LinaAsahi) IOHIDFamily Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: An app may cause unexpected app termination or arbitrary code execution Description: A memory corruption issue was addressed with improved state management. CVE-2022-42820: Peter Pan ZhenPeng of STAR Labs IOKit Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: An app may be able to execute arbitrary code with kernel privileges Description: A race condition was addressed with improved locking. CVE-2022-42806: Tingting Yin of Tsinghua University Kernel Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: An app may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved memory handling. CVE-2022-32924: Ian Beer of Google Project Zero Kernel Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: A remote user may be able to cause kernel code execution Description: An out-of-bounds write issue was addressed with improved bounds checking. CVE-2022-42808: Zweig of Kunlun Lab Kernel Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited. CVE-2022-42827: an anonymous researcher ppp Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: An app with root privileges may be able to execute arbitrary code with kernel privileges Description: A use after free issue was addressed with improved memory management. CVE-2022-42829: an anonymous researcher ppp Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: An app with root privileges may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved memory handling. CVE-2022-42830: an anonymous researcher ppp Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: An app with root privileges may be able to execute arbitrary code with kernel privileges Description: A race condition was addressed with improved locking. CVE-2022-42831: an anonymous researcher CVE-2022-42832: an anonymous researcher Sandbox Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: An app may be able to access user-sensitive data Description: An access issue was addressed with additional sandbox restrictions. CVE-2022-42811: Justin Bui (@slyd0g) of Snowflake Shortcuts Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: A shortcut may be able to check the existence of an arbitrary path on the file system Description: A parsing issue in the handling of directory paths was addressed with improved path validation. CVE-2022-32938: Cristian Dinca of Tudor Vianu National High School of Computer Science of. Romania WebKit Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: Visiting a malicious website may lead to user interface spoofing Description: The issue was addressed with improved UI handling. WebKit Bugzilla: 243693 CVE-2022-42799: Jihwan Kim (@gPayl0ad), Dohyun Lee (@l33d0hyun) WebKit Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A type confusion issue was addressed with improved memory handling. WebKit Bugzilla: 244622 CVE-2022-42823: Dohyun Lee (@l33d0hyun) of SSD Labs WebKit Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: Processing maliciously crafted web content may disclose sensitive user information Description: A logic issue was addressed with improved state management. WebKit Bugzilla: 245058 CVE-2022-42824: Abdulrahman Alqabandi of Microsoft Browser Vulnerability Research, Ryan Shin of IAAI SecLab at Korea University, Dohyun Lee (@l33d0hyun) of DNSLab at Korea University WebKit PDF Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A use after free issue was addressed with improved memory management. WebKit Bugzilla: 242781 CVE-2022-32922: Yonghwi Jin (@jinmo123) at Theori working with Trend Micro Zero Day Initiative Additional recognition iCloud We would like to acknowledge Tim Michaud (@TimGMichaud) of Moveworks.ai for their assistance. Kernel We would like to acknowledge Peter Nguyen of STAR Labs, Tim Michaud (@TimGMichaud) of Moveworks.ai, Tommy Muir (@Muirey03) for their assistance. WebKit We would like to acknowledge Maddie Stone of Google Project Zero, Narendra Bhati (@imnarendrabhati) of Suma Soft Pvt. Ltd., an anonymous researcher for their assistance. All information is also posted on the Apple Security Updates web site: https://support.apple.com/en-us/HT201222. This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- iQIyBAEBCAAdFiEEBP+4DupqR5Sgt1DB4RjMIDkeNxkFAmNW0WIACgkQ4RjMIDke NxmuNw/4m3JXuBK+obHVvyb4tGoeHKNZtJi/tHr0gDMtDjr5pIlXdl2wX99eLzoG D2Dj4YtMnUhqEgQVKVcnzxQuhmdHK21TmqgWi+kHNyg0plKX0mj+1222/qjtZOdf FgCHKsR0LVLDpgjthvA9WYqwbfOMmXvSS4sEHaeSIdo+8R68GcV9yJQ98hWsxqeh YPzZ8RqtkuzeeYVD8jaxVW6l7lQ37puQ3romivRe46Wi36nkYG6wifggWMSKmeNZ 9CVs/3GT294l9GnjuIHaM2WfnHzYSEQY/eqP34SQ96UPClpJF2afBCRd3eOl8ov1 hgyhjtfJCqqfb9uzXj0ciFrLFdn8xLxsY7L+RSOwtLz0zSTfwAkAEDnL7i5EBkwn 7a2l/r6bb/W7IOC67fQWZi33SkpGPJF51oT3PLOh1RyeRFE+NYd4hMMAIo8Bg4eZ 45aAh2L7ak1T6V4PnUuG+o51oQKKRH1b/MTamVyFWffT2uX8w+hrdDVifd/K/jmD auFkibGQBmO/VWe6f5lKsDQeq5RIax6OBs8LkZQ3EMIHi9De4s5WIlPakm4qYCLW QXQKlEi8p3BI4d5kckcXjdtwRp8QiJLinq9rZFzq5U5nQ2Z4KucHrMO0h5Frqisa KsmkMjSKuPPT5GTap9Z5BVJVSOADx0hTExUE1cGBESCtnmaXrw== =3Dgs -----END PGP SIGNATURE-----

The issue was addressed with improved bounds checks. This issue is fixed in tvOS 16.1, iOS 16.1 and iPadOS 16, macOS Ventura 13, watchOS 9.1. An app may be able to execute arbitrary code with kernel privileges. Apple watchOS is a smart watch operating system developed by Apple (Apple). Instructions on how to update your Apple Watch software are available at https://support.apple.com/kb/HT204641 To check the version on your Apple Watch, open the Apple Watch app on your iPhone and select "My Watch > General > About". Alternatively, on your watch, select "My Watch > General > About". -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2022-10-27-2 Additional information for APPLE-SA-2022-10-24-1 iOS 16.1 and iPadOS 16 iOS 16.1 and iPadOS 16 addresses the following issues. Information about the security content is also available at https://support.apple.com/HT213489. Apple Neural Engine Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: An app may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved memory handling. CVE-2022-32932: Mohamed Ghannam (@_simo36) Entry added October 27, 2022 AppleMobileFileIntegrity Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: An app may be able to modify protected parts of the file system Description: This issue was addressed by removing additional entitlements. CVE-2022-42825: Mickey Jin (@patch1t) Audio Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: Parsing a maliciously crafted audio file may lead to disclosure of user information Description: The issue was addressed with improved memory handling. CVE-2022-42798: Anonymous working with Trend Micro Zero Day Initiative Entry added October 27, 2022 AVEVideoEncoder Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: An app may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved bounds checks. CVE-2022-32940: ABC Research s.r.o. Backup Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: An app may be able to access iOS backups Description: A permissions issue was addressed with additional restrictions. CVE-2022-32929: Csaba Fitzl (@theevilbit) of Offensive Security Entry added October 27, 2022 CFNetwork Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: Processing a maliciously crafted certificate may lead to arbitrary code execution Description: A certificate validation issue existed in the handling of WKWebView. CVE-2022-42813: Jonathan Zhang of Open Computing Facility (ocf.berkeley.edu) Core Bluetooth Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: An app may be able to record audio using a pair of connected AirPods Description: This issue was addressed with improved entitlements. CVE-2022-32946: Guilherme Rambo of Best Buddy Apps (rambo.codes) FaceTime Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: A user may be able to view restricted content from the lock screen Description: A lock screen issue was addressed with improved state management. CVE-2022-32935: Bistrit Dahal Entry added October 27, 2022 GPU Drivers Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: An app may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved memory handling. CVE-2022-32947: Asahi Lina (@LinaAsahi) Graphics Driver Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: An app may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved bounds checks. CVE-2022-32939: Willy R. Vasquez of The University of Texas at Austin Entry added October 27, 2022 IOHIDFamily Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: An app may cause unexpected app termination or arbitrary code execution Description: A memory corruption issue was addressed with improved state management. CVE-2022-42820: Peter Pan ZhenPeng of STAR Labs IOKit Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: An app may be able to execute arbitrary code with kernel privileges Description: A race condition was addressed with improved locking. CVE-2022-42806: Tingting Yin of Tsinghua University Kernel Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: An app may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved state management. CVE-2022-32944: Tim Michaud (@TimGMichaud) of Moveworks.ai Entry added October 27, 2022 Kernel Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: An app may be able to execute arbitrary code with kernel privileges Description: A race condition was addressed with improved locking. CVE-2022-42803: Xinru Chi of Pangu Lab, John Aakerblom (@jaakerblom) Entry added October 27, 2022 Kernel Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: An app with root privileges may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved bounds checks. CVE-2022-32926: Tim Michaud (@TimGMichaud) of Moveworks.ai Entry added October 27, 2022 Kernel Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: An app may be able to execute arbitrary code with kernel privileges Description: A logic issue was addressed with improved checks. CVE-2022-42801: Ian Beer of Google Project Zero Entry added October 27, 2022 Kernel Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: An app may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved memory handling. CVE-2022-32924: Ian Beer of Google Project Zero Kernel Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: A remote user may be able to cause kernel code execution Description: An out-of-bounds write issue was addressed with improved bounds checking. CVE-2022-42808: Zweig of Kunlun Lab Kernel Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited. CVE-2022-42827: an anonymous researcher Model I/O Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: Processing a maliciously crafted USD file may disclose memory contents Description: The issue was addressed with improved memory handling. CVE-2022-42810: Xingwei Lin (@xwlin_roy) and Yinyi Wu of Ant Security Light-Year Lab Entry added October 27, 2022 ppp Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: A buffer overflow may result in arbitrary code execution Description: The issue was addressed with improved bounds checks. CVE-2022-32941: an anonymous researcher Entry added October 27, 2022 ppp Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: An app with root privileges may be able to execute arbitrary code with kernel privileges Description: A use after free issue was addressed with improved memory management. CVE-2022-42829: an anonymous researcher ppp Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: An app with root privileges may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved memory handling. CVE-2022-42830: an anonymous researcher ppp Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: An app with root privileges may be able to execute arbitrary code with kernel privileges Description: A race condition was addressed with improved locking. CVE-2022-42831: an anonymous researcher CVE-2022-42832: an anonymous researcher Safari Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: Visiting a maliciously crafted website may leak sensitive data Description: A logic issue was addressed with improved state management. CVE-2022-42817: Mir Masood Ali, PhD student, University of Illinois at Chicago; Binoy Chitale, MS student, Stony Brook University; Mohammad Ghasemisharif, PhD Candidate, University of Illinois at Chicago; Chris Kanich, Associate Professor, University of Illinois at Chicago Entry added October 27, 2022 Sandbox Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: An app may be able to access user-sensitive data Description: An access issue was addressed with additional sandbox restrictions. CVE-2022-42811: Justin Bui (@slyd0g) of Snowflake Shortcuts Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: A shortcut may be able to check the existence of an arbitrary path on the file system Description: A parsing issue in the handling of directory paths was addressed with improved path validation. CVE-2022-32938: Cristian Dinca of Tudor Vianu National High School of Computer Science of. Romania WebKit Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: Visiting a malicious website may lead to user interface spoofing Description: The issue was addressed with improved UI handling. WebKit Bugzilla: 243693 CVE-2022-42799: Jihwan Kim (@gPayl0ad), Dohyun Lee (@l33d0hyun) WebKit Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A type confusion issue was addressed with improved memory handling. WebKit Bugzilla: 244622 CVE-2022-42823: Dohyun Lee (@l33d0hyun) of SSD Labs WebKit Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: Processing maliciously crafted web content may disclose sensitive user information Description: A logic issue was addressed with improved state management. WebKit Bugzilla: 245058 CVE-2022-42824: Abdulrahman Alqabandi of Microsoft Browser Vulnerability Research, Ryan Shin of IAAI SecLab at Korea University, Dohyun Lee (@l33d0hyun) of DNSLab at Korea University WebKit PDF Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A use after free issue was addressed with improved memory management. WebKit Bugzilla: 242781 CVE-2022-32922: Yonghwi Jin (@jinmo123) at Theori working with Trend Micro Zero Day Initiative WebKit Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: Processing maliciously crafted web content may disclose internal states of the app Description: A correctness issue in the JIT was addressed with improved checks. WebKit Bugzilla: 242964 CVE-2022-32923: Wonyoung Jung (@nonetype_pwn) of KAIST Hacking Lab Entry added October 27, 2022 Wi-Fi Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: Joining a malicious Wi-Fi network may result in a denial-of- service of the Settings app Description: The issue was addressed with improved memory handling. CVE-2022-32927: Dr Hideaki Goto of Tohoku University, Japan Entry added October 27, 2022 zlib Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: A user may be able to cause unexpected app termination or arbitrary code execution Description: This issue was addressed with improved checks. CVE-2022-37434: Evgeny Legerov CVE-2022-42800: Evgeny Legerov Entry added October 27, 2022 Additional recognition iCloud We would like to acknowledge Tim Michaud (@TimGMichaud) of Moveworks.ai for their assistance. Kernel We would like to acknowledge Peter Nguyen of STAR Labs, Tim Michaud (@TimGMichaud) of Moveworks.ai, Tommy Muir (@Muirey03) for their assistance. WebKit We would like to acknowledge Maddie Stone of Google Project Zero, Narendra Bhati (@imnarendrabhati) of Suma Soft Pvt. Ltd., an anonymous researcher for their assistance. All information is also posted on the Apple Security Updates web site: https://support.apple.com/en-us/HT201222. This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEBP+4DupqR5Sgt1DB4RjMIDkeNxkFAmNbKpsACgkQ4RjMIDke NxmS+w/8CfYJzSjrC2joLy6lOCg9Za2Mzc1+ynFTuVWud63t8zhif2lLU8Y+TOrG xUbstKDPw3ehwBBn97ZSkSoj3d+F+liPsUV5Udf1yssSF/5Ce7owa/V2KMCjliAr 1EvPOaiyXH94zrh+ddsTdikzDtNdseaYhSoYH4cQao/LPZx8bw4VSCxpQxSfOmoE /rSmqkq1wDpTXeLmHeQVBdLpM+QcEcpCkoQIpmeu3ntFhQrD3L9eAXcy3K7iI7qE Q/gTebUwLsLIhN6SrTu/sQaScErmOZqguOCTjPnkg9YQNxgu3jVuSlHuCWEZTvxq wqsHRSOMCU6xe7w3QPFsQmiMevFgRgWwuMTcCDIAaCTJTJ4Bx0mUirVCjFzEk8+w P6IScr4pearsQd31LSsu7OuirUmm/7ZH1XcAPdiDO4acorZNkt5Nzlf+x1Atls8j oMdrh0l2W44mvCgKtqPM0hz7xTTEwiyml7RWdz8Uf4qwjXjmZLt+Nt3GRGZ60JO6 fTkUHPhL/VnJz4rc90Zn+9LSK5u6JAQ6T16OA6CNqQ6ZFeN80zSzdSEzLuQC0FnL 08VhWzJNguA/xHidywQNeGqlhfT4posy6EDHp/9Q9heu/L1uRn/d1B5yxDpc2cyV w+AMI214/xT1VbJ9NMY3dXJBoVaDzhvC31ydXKPaCgCqc/mrlUo= =ULJl -----END PGP SIGNATURE-----

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 15.7.1 and iPadOS 15.7.1, iOS 16.1 and iPadOS 16. An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited.

The issue was addressed with improved memory handling. This issue is fixed in tvOS 16.1, macOS Big Sur 11.7, macOS Ventura 13, watchOS 9.1, iOS 16.1 and iPadOS 16, macOS Monterey 12.6. An app may be able to execute arbitrary code with kernel privileges. Instructions on how to update your Apple Watch software are available at https://support.apple.com/kb/HT204641 To check the version on your Apple Watch, open the Apple Watch app on your iPhone and select "My Watch > General > About". Alternatively, on your watch, select "My Watch > General > About". -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2022-10-27-2 Additional information for APPLE-SA-2022-10-24-1 iOS 16.1 and iPadOS 16 iOS 16.1 and iPadOS 16 addresses the following issues. Information about the security content is also available at https://support.apple.com/HT213489. Apple Neural Engine Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: An app may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved memory handling. CVE-2022-32932: Mohamed Ghannam (@_simo36) Entry added October 27, 2022 AppleMobileFileIntegrity Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: An app may be able to modify protected parts of the file system Description: This issue was addressed by removing additional entitlements. CVE-2022-42825: Mickey Jin (@patch1t) Audio Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: Parsing a maliciously crafted audio file may lead to disclosure of user information Description: The issue was addressed with improved memory handling. CVE-2022-42798: Anonymous working with Trend Micro Zero Day Initiative Entry added October 27, 2022 AVEVideoEncoder Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: An app may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved bounds checks. CVE-2022-32940: ABC Research s.r.o. Backup Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: An app may be able to access iOS backups Description: A permissions issue was addressed with additional restrictions. CVE-2022-32929: Csaba Fitzl (@theevilbit) of Offensive Security Entry added October 27, 2022 CFNetwork Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: Processing a maliciously crafted certificate may lead to arbitrary code execution Description: A certificate validation issue existed in the handling of WKWebView. CVE-2022-42813: Jonathan Zhang of Open Computing Facility (ocf.berkeley.edu) Core Bluetooth Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: An app may be able to record audio using a pair of connected AirPods Description: This issue was addressed with improved entitlements. CVE-2022-32946: Guilherme Rambo of Best Buddy Apps (rambo.codes) FaceTime Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: A user may be able to view restricted content from the lock screen Description: A lock screen issue was addressed with improved state management. CVE-2022-32935: Bistrit Dahal Entry added October 27, 2022 GPU Drivers Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: An app may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved memory handling. CVE-2022-32947: Asahi Lina (@LinaAsahi) Graphics Driver Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: An app may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved bounds checks. CVE-2022-32939: Willy R. Vasquez of The University of Texas at Austin Entry added October 27, 2022 IOHIDFamily Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: An app may cause unexpected app termination or arbitrary code execution Description: A memory corruption issue was addressed with improved state management. CVE-2022-42820: Peter Pan ZhenPeng of STAR Labs IOKit Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: An app may be able to execute arbitrary code with kernel privileges Description: A race condition was addressed with improved locking. CVE-2022-42806: Tingting Yin of Tsinghua University Kernel Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: An app may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved state management. CVE-2022-32944: Tim Michaud (@TimGMichaud) of Moveworks.ai Entry added October 27, 2022 Kernel Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: An app may be able to execute arbitrary code with kernel privileges Description: A race condition was addressed with improved locking. CVE-2022-42803: Xinru Chi of Pangu Lab, John Aakerblom (@jaakerblom) Entry added October 27, 2022 Kernel Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: An app with root privileges may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved bounds checks. CVE-2022-32926: Tim Michaud (@TimGMichaud) of Moveworks.ai Entry added October 27, 2022 Kernel Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: An app may be able to execute arbitrary code with kernel privileges Description: A logic issue was addressed with improved checks. CVE-2022-42801: Ian Beer of Google Project Zero Entry added October 27, 2022 Kernel Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: An app may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved memory handling. CVE-2022-32924: Ian Beer of Google Project Zero Kernel Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: A remote user may be able to cause kernel code execution Description: An out-of-bounds write issue was addressed with improved bounds checking. CVE-2022-42808: Zweig of Kunlun Lab Kernel Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited. CVE-2022-42827: an anonymous researcher Model I/O Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: Processing a maliciously crafted USD file may disclose memory contents Description: The issue was addressed with improved memory handling. CVE-2022-42810: Xingwei Lin (@xwlin_roy) and Yinyi Wu of Ant Security Light-Year Lab Entry added October 27, 2022 ppp Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: A buffer overflow may result in arbitrary code execution Description: The issue was addressed with improved bounds checks. CVE-2022-32941: an anonymous researcher Entry added October 27, 2022 ppp Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: An app with root privileges may be able to execute arbitrary code with kernel privileges Description: A use after free issue was addressed with improved memory management. CVE-2022-42829: an anonymous researcher ppp Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: An app with root privileges may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved memory handling. CVE-2022-42830: an anonymous researcher ppp Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: An app with root privileges may be able to execute arbitrary code with kernel privileges Description: A race condition was addressed with improved locking. CVE-2022-42831: an anonymous researcher CVE-2022-42832: an anonymous researcher Safari Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: Visiting a maliciously crafted website may leak sensitive data Description: A logic issue was addressed with improved state management. CVE-2022-42817: Mir Masood Ali, PhD student, University of Illinois at Chicago; Binoy Chitale, MS student, Stony Brook University; Mohammad Ghasemisharif, PhD Candidate, University of Illinois at Chicago; Chris Kanich, Associate Professor, University of Illinois at Chicago Entry added October 27, 2022 Sandbox Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: An app may be able to access user-sensitive data Description: An access issue was addressed with additional sandbox restrictions. CVE-2022-42811: Justin Bui (@slyd0g) of Snowflake Shortcuts Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: A shortcut may be able to check the existence of an arbitrary path on the file system Description: A parsing issue in the handling of directory paths was addressed with improved path validation. CVE-2022-32938: Cristian Dinca of Tudor Vianu National High School of Computer Science of. Romania WebKit Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: Visiting a malicious website may lead to user interface spoofing Description: The issue was addressed with improved UI handling. WebKit Bugzilla: 243693 CVE-2022-42799: Jihwan Kim (@gPayl0ad), Dohyun Lee (@l33d0hyun) WebKit Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A type confusion issue was addressed with improved memory handling. WebKit Bugzilla: 244622 CVE-2022-42823: Dohyun Lee (@l33d0hyun) of SSD Labs WebKit Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: Processing maliciously crafted web content may disclose sensitive user information Description: A logic issue was addressed with improved state management. WebKit Bugzilla: 245058 CVE-2022-42824: Abdulrahman Alqabandi of Microsoft Browser Vulnerability Research, Ryan Shin of IAAI SecLab at Korea University, Dohyun Lee (@l33d0hyun) of DNSLab at Korea University WebKit PDF Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A use after free issue was addressed with improved memory management. WebKit Bugzilla: 242781 CVE-2022-32922: Yonghwi Jin (@jinmo123) at Theori working with Trend Micro Zero Day Initiative WebKit Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: Processing maliciously crafted web content may disclose internal states of the app Description: A correctness issue in the JIT was addressed with improved checks. WebKit Bugzilla: 242964 CVE-2022-32923: Wonyoung Jung (@nonetype_pwn) of KAIST Hacking Lab Entry added October 27, 2022 Wi-Fi Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: Joining a malicious Wi-Fi network may result in a denial-of- service of the Settings app Description: The issue was addressed with improved memory handling. CVE-2022-32927: Dr Hideaki Goto of Tohoku University, Japan Entry added October 27, 2022 zlib Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later Impact: A user may be able to cause unexpected app termination or arbitrary code execution Description: This issue was addressed with improved checks. CVE-2022-37434: Evgeny Legerov CVE-2022-42800: Evgeny Legerov Entry added October 27, 2022 Additional recognition iCloud We would like to acknowledge Tim Michaud (@TimGMichaud) of Moveworks.ai for their assistance. Kernel We would like to acknowledge Peter Nguyen of STAR Labs, Tim Michaud (@TimGMichaud) of Moveworks.ai, Tommy Muir (@Muirey03) for their assistance. WebKit We would like to acknowledge Maddie Stone of Google Project Zero, Narendra Bhati (@imnarendrabhati) of Suma Soft Pvt. Ltd., an anonymous researcher for their assistance. All information is also posted on the Apple Security Updates web site: https://support.apple.com/en-us/HT201222. This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEBP+4DupqR5Sgt1DB4RjMIDkeNxkFAmNbKpsACgkQ4RjMIDke NxmS+w/8CfYJzSjrC2joLy6lOCg9Za2Mzc1+ynFTuVWud63t8zhif2lLU8Y+TOrG xUbstKDPw3ehwBBn97ZSkSoj3d+F+liPsUV5Udf1yssSF/5Ce7owa/V2KMCjliAr 1EvPOaiyXH94zrh+ddsTdikzDtNdseaYhSoYH4cQao/LPZx8bw4VSCxpQxSfOmoE /rSmqkq1wDpTXeLmHeQVBdLpM+QcEcpCkoQIpmeu3ntFhQrD3L9eAXcy3K7iI7qE Q/gTebUwLsLIhN6SrTu/sQaScErmOZqguOCTjPnkg9YQNxgu3jVuSlHuCWEZTvxq wqsHRSOMCU6xe7w3QPFsQmiMevFgRgWwuMTcCDIAaCTJTJ4Bx0mUirVCjFzEk8+w P6IScr4pearsQd31LSsu7OuirUmm/7ZH1XcAPdiDO4acorZNkt5Nzlf+x1Atls8j oMdrh0l2W44mvCgKtqPM0hz7xTTEwiyml7RWdz8Uf4qwjXjmZLt+Nt3GRGZ60JO6 fTkUHPhL/VnJz4rc90Zn+9LSK5u6JAQ6T16OA6CNqQ6ZFeN80zSzdSEzLuQC0FnL 08VhWzJNguA/xHidywQNeGqlhfT4posy6EDHp/9Q9heu/L1uRn/d1B5yxDpc2cyV w+AMI214/xT1VbJ9NMY3dXJBoVaDzhvC31ydXKPaCgCqc/mrlUo= =ULJl -----END PGP SIGNATURE-----

A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS 16, iOS 15.7 and iPadOS 15.7, macOS Monterey 12.6. A user may be able to view restricted content from the lock screen. Apple macOS is a set of dedicated operating systems developed by Apple Corporation for Mac computers