Apple Patches Everything: October 2022 Edition
A quick summary of Apple's pretty massive patch day today. With the release of a new version of macOS, and updates for all operating systems Apple publishes, we got a total of 106 vulnerabilities. As before with Apple, the rating (critical/important) is our own and not based on a CVSS score, as Apple publishes non. I typically rate privilege escalation, like flaws, as important and code execution flaws as critical. Let me know if you disagree with the rating. "other" just means that I didn't get around to rate the particular issue or that it affects multiple vulnerabilities.
One of the critical issues, CVE-2022-42827, may have been actively exploited, according to reports received by Apple. This issue affects iPadOS and iOS.
Safari | iOS and iPadOS | MacOS Monterey (12.x) | MacOS BigSur (10.x) | macOS Ventura (13.x) | TVOS | WatchOS | |
---|---|---|---|---|---|---|---|
WebKit Bugzilla [important] WebKit A logic issue was addressed with improved state management. Processing maliciously crafted web content may disclose sensitive user information |
|||||||
x | x | x | x | x | |||
CVE-2022-42825 [important] AppleMobileFileIntegrity This issue was addressed by removing additional entitlements. An app may be able to modify protected parts of the file system |
|||||||
x | x | x | x | x | x | ||
CVE-2022-32940 [important] AVEVideoEncoder The issue was addressed with improved bounds checks. An app may be able to execute arbitrary code with kernel privileges |
|||||||
x | x | x | x | ||||
CVE-2022-42813 [critical] CFNetwork A certificate validation issue existed in the handling of WKWebView. This issue was addressed with improved validation. Processing a maliciously crafted certificate may lead to arbitrary code execution |
|||||||
x | x | x | x | ||||
CVE-2022-32946 [important] Core Bluetooth This issue was addressed with improved entitlements. An app may be able to record audio using a pair of connected AirPods |
|||||||
x | |||||||
CVE-2022-32947 [important] GPU Drivers The issue was addressed with improved memory handling. An app may be able to execute arbitrary code with kernel privileges |
|||||||
x | x | x | |||||
CVE-2022-42820 [important] IOHIDFamily A memory corruption issue was addressed with improved state management. An app may cause unexpected app termination or arbitrary code execution |
|||||||
x | x | ||||||
CVE-2022-42806 [important] IOKit A race condition was addressed with improved locking. An app may be able to execute arbitrary code with kernel privileges |
|||||||
x | x | ||||||
CVE-2022-32924 [important] Kernel The issue was addressed with improved memory handling. An app may be able to execute arbitrary code with kernel privileges |
|||||||
x | x | x | x | ||||
CVE-2022-42808 [critical] Kernel An out-of-bounds write issue was addressed with improved bounds checking. A remote user may be able to cause kernel code execution |
|||||||
x | x | x | x | ||||
CVE-2022-42827 [critical] Kernel An out-of-bounds write issue was addressed with improved bounds checking. An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited. |
|||||||
x | |||||||
CVE-2022-42829 [important] ppp A use after free issue was addressed with improved memory management. An app with root privileges may be able to execute arbitrary code with kernel privileges |
|||||||
x | x | ||||||
CVE-2022-42830 [important] ppp The issue was addressed with improved memory handling. An app with root privileges may be able to execute arbitrary code with kernel privileges |
|||||||
x | x | ||||||
CVE-2022-42831 [important] ppp A race condition was addressed with improved locking. An app with root privileges may be able to execute arbitrary code with kernel privileges |
|||||||
x | x | ||||||
CVE-2022-42832 [important] ppp A race condition was addressed with improved locking. An app with root privileges may be able to execute arbitrary code with kernel privileges |
|||||||
x | x | ||||||
CVE-2022-42811 [important] Sandbox An access issue was addressed with additional sandbox restrictions. An app may be able to access user-sensitive data |
|||||||
x | x | x | x | ||||
CVE-2022-32938 [important] Shortcuts A parsing issue in the handling of directory paths was addressed with improved path validation. A shortcut may be able to check the existence of an arbitrary path on the file system |
|||||||
x | x | ||||||
CVE-2022-28739 [critical] Ruby A memory corruption issue was addressed by updating Ruby to version 2.6.10. A remote user may be able to cause unexpected app termination or arbitrary code execution |
|||||||
x | x | x | |||||
CVE-2022-32862 [important] Sandbox This issue was addressed with improved data protection. An app with root privileges may be able to access private information |
|||||||
x | x | x | |||||
CVE-2022-42795 [critical] Accelerate Framework A memory consumption issue was addressed with improved memory handling. Processing a maliciously crafted image may lead to arbitrary code execution |
|||||||
x | |||||||
CVE-2022-32858 [important] Apple Neural Engine The issue was addressed with improved memory handling. An app may be able to leak sensitive kernel state |
|||||||
x | |||||||
CVE-2022-32898 [important] Apple Neural Engine The issue was addressed with improved memory handling. An app may be able to execute arbitrary code with kernel privileges |
|||||||
x | |||||||
CVE-2022-32899 [important] Apple Neural Engine The issue was addressed with improved memory handling. An app may be able to execute arbitrary code with kernel privileges |
|||||||
x | |||||||
CVE-2022-32827 [important] AppleAVD A memory corruption issue was addressed with improved state management. An app may be able to cause a denial-of-service |
|||||||
x | |||||||
CVE-2022-42789 [important] AppleMobileFileIntegrity An issue in code signature validation was addressed with improved checks. An app may be able to access user-sensitive data |
|||||||
x | |||||||
CVE-2022-32902 [important] ATS A logic issue was addressed with improved state management. An app may be able to bypass Privacy preferences |
|||||||
x | |||||||
CVE-2022-32904 [important] ATS An access issue was addressed with additional sandbox restrictions. An app may be able to access user-sensitive data |
|||||||
x | |||||||
CVE-2022-32890 [moderate] ATS A logic issue was addressed with improved checks. A sandboxed process may be able to circumvent sandbox restrictions |
|||||||
x | |||||||
CVE-2022-42796 [important] Audio This issue was addressed by removing the vulnerable code. An app may be able to gain elevated privileges |
|||||||
x | |||||||
CVE-2022-42819 [important] Calendar An access issue was addressed with improved access restrictions. An app may be able to read sensitive location information |
|||||||
x | |||||||
CVE-2022-26730 [critical] ColorSync A memory corruption issue existed in the processing of ICC profiles. This issue was addressed with improved input validation. Processing a maliciously crafted image may lead to arbitrary code execution |
|||||||
x | |||||||
CVE-2022-32867 [important] Crash Reporter This issue was addressed with improved data protection. A user with physical access to an iOS device may be able to read past diagnostic logs |
|||||||
x | |||||||
CVE-2022-32205 [other] curl Multiple issues were addressed by updating to curl version 7.84.0. Multiple issues in curl |
|||||||
x | |||||||
CVE-2022-32206 [other] curl Multiple issues were addressed by updating to curl version 7.84.0. Multiple issues in curl |
|||||||
x | |||||||
CVE-2022-32207 [other] curl Multiple issues were addressed by updating to curl version 7.84.0. Multiple issues in curl |
|||||||
x | |||||||
CVE-2022-32208 [other] curl Multiple issues were addressed by updating to curl version 7.84.0. Multiple issues in curl |
|||||||
x | |||||||
CVE-2022-42814 [important] Directory Utility A logic issue was addressed with improved checks. An app may be able to access user-sensitive data |
|||||||
x | |||||||
CVE-2022-32865 [important] DriverKit The issue was addressed with improved memory handling. An app may be able to execute arbitrary code with kernel privileges |
|||||||
x | |||||||
CVE-2022-32915 [important] DriverKit A type confusion issue was addressed with improved checks. An app may be able to execute arbitrary code with kernel privileges |
|||||||
x | |||||||
CVE-2022-32928 [other] Exchange A logic issue was addressed with improved restrictions. A user in a privileged network position may be able to intercept mail credentials |
|||||||
x | |||||||
CVE-2022-42788 [other] Find My A permissions issue existed. This issue was addressed with improved permission validation. A malicious application may be able to read sensitive location information |
|||||||
x | |||||||
CVE-2022-32905 [critical] Finder This issue was addressed with improved validation of symlinks. Processing a maliciously crafted DMG file may lead to arbitrary code execution with system privileges |
|||||||
x | |||||||
CVE-2022-42809 [other] Grapher The issue was addressed with improved memory handling. Processing a maliciously crafted gcx file may lead to unexpected app termination or arbitrary code execution |
|||||||
x | |||||||
CVE-2022-32913 [other] Image Processing The issue was addressed with additional restrictions on the observability of app states. A sandboxed app may be able to determine which app is currently using the camera |
|||||||
x | |||||||
CVE-2022-1622 [other] ImageIO A denial-of-service issue was addressed with improved validation. Processing an image may lead to a denial-of-service |
|||||||
x | |||||||
CVE-2022-32936 [important] Intel Graphics Driver An out-of-bounds read was addressed with improved input validation. An app may be able to disclose kernel memory |
|||||||
x | |||||||
CVE-2022-32864 [important] Kernel The issue was addressed with improved memory handling. An app may be able to disclose kernel memory |
|||||||
x | |||||||
CVE-2022-32866 [important] Kernel The issue was addressed with improved memory handling. An app may be able to execute arbitrary code with kernel privileges |
|||||||
x | |||||||
CVE-2022-32911 [important] Kernel The issue was addressed with improved memory handling. An app may be able to execute arbitrary code with kernel privileges |
|||||||
x | |||||||
CVE-2022-32914 [important] Kernel A use after free issue was addressed with improved memory management. An app may be able to execute arbitrary code with kernel privileges |
|||||||
x | |||||||
CVE-2022-42815 [important] Mail This issue was addressed with improved data protection. An app may be able to access user-sensitive data |
|||||||
x | |||||||
CVE-2022-32883 [important] Maps A logic issue was addressed with improved restrictions. An app may be able to read sensitive location information |
|||||||
x | |||||||
CVE-2022-32908 [other] MediaLibrary A memory corruption issue was addressed with improved input validation. A user may be able to elevate privileges |
|||||||
x | |||||||
CVE-2021-39537 [other] ncurses A buffer overflow was addressed with improved bounds checking. A user may be able to cause unexpected app termination or arbitrary code execution |
|||||||
x | |||||||
CVE-2022-29458 [other] ncurses A denial-of-service issue was addressed with improved validation. Processing a maliciously crafted file may lead to a denial-of-service or potentially disclose memory contents |
|||||||
x | |||||||
CVE-2022-42818 [other] Notes This issue was addressed with improved data protection. A user in a privileged network position may be able to track user activity |
|||||||
x | |||||||
CVE-2022-32879 [other] Notifications A logic issue was addressed with improved state management. A user with physical access to a device may be able to access contacts from the lock screen |
|||||||
x | |||||||
CVE-2022-32895 [important] PackageKit A race condition was addressed with improved state handling. An app may be able to modify protected parts of the file system |
|||||||
x | |||||||
CVE-2022-32918 [important] Photos This issue was addressed with improved data protection. An app may be able to bypass Privacy preferences |
|||||||
x | |||||||
CVE-2022-32881 [important] Sandbox A logic issue was addressed with improved restrictions. An app may be able to modify protected parts of the file system |
|||||||
x | |||||||
CVE-2022-42793 [other] Security An issue in code signature validation was addressed with improved checks. An app may be able to bypass code signing checks |
|||||||
x | |||||||
CVE-2022-42790 [important] Sidecar A logic issue was addressed with improved state management. A user may be able to view restricted content from the lock screen |
|||||||
x | |||||||
CVE-2022-32870 [other] Siri A logic issue was addressed with improved state management. A user with physical access to a device may be able to use Siri to obtain some call history information |
|||||||
x | |||||||
CVE-2022-32934 [critical] SMB The issue was addressed with improved memory handling. A remote user may be able to cause kernel code execution |
|||||||
x | |||||||
CVE-2022-42791 [important] Software Update A race condition was addressed with improved state handling. An app may be able to execute arbitrary code with kernel privileges |
|||||||
x | |||||||
CVE-2021-36690 [other] SQLite This issue was addressed with improved checks. A remote user may be able to cause a denial-of-service |
|||||||
x | |||||||
CVE-2022-0261 [other] Vim Multiple issues were addressed by updating Vim. Multiple issues in Vim |
|||||||
x | |||||||
CVE-2022-0318 [other] Vim Multiple issues were addressed by updating Vim. Multiple issues in Vim |
|||||||
x | |||||||
CVE-2022-0319 [other] Vim Multiple issues were addressed by updating Vim. Multiple issues in Vim |
|||||||
x | |||||||
CVE-2022-0351 [other] Vim Multiple issues were addressed by updating Vim. Multiple issues in Vim |
|||||||
x | |||||||
CVE-2022-0359 [other] Vim Multiple issues were addressed by updating Vim. Multiple issues in Vim |
|||||||
x | |||||||
CVE-2022-0361 [other] Vim Multiple issues were addressed by updating Vim. Multiple issues in Vim |
|||||||
x | |||||||
CVE-2022-0368 [other] Vim Multiple issues were addressed by updating Vim. Multiple issues in Vim |
|||||||
x | |||||||
CVE-2022-0392 [other] Vim Multiple issues were addressed by updating Vim. Multiple issues in Vim |
|||||||
x | |||||||
CVE-2022-0554 [other] Vim Multiple issues were addressed by updating Vim. Multiple issues in Vim |
|||||||
x | |||||||
CVE-2022-0572 [other] Vim Multiple issues were addressed by updating Vim. Multiple issues in Vim |
|||||||
x | |||||||
CVE-2022-0629 [other] Vim Multiple issues were addressed by updating Vim. Multiple issues in Vim |
|||||||
x | |||||||
CVE-2022-0685 [other] Vim Multiple issues were addressed by updating Vim. Multiple issues in Vim |
|||||||
x | |||||||
CVE-2022-0696 [other] Vim Multiple issues were addressed by updating Vim. Multiple issues in Vim |
|||||||
x | |||||||
CVE-2022-0714 [other] Vim Multiple issues were addressed by updating Vim. Multiple issues in Vim |
|||||||
x | |||||||
CVE-2022-0729 [other] Vim Multiple issues were addressed by updating Vim. Multiple issues in Vim |
|||||||
x | |||||||
CVE-2022-0943 [other] Vim Multiple issues were addressed by updating Vim. Multiple issues in Vim |
|||||||
x | |||||||
CVE-2022-1381 [other] Vim Multiple issues were addressed by updating Vim. Multiple issues in Vim |
|||||||
x | |||||||
CVE-2022-1420 [other] Vim Multiple issues were addressed by updating Vim. Multiple issues in Vim |
|||||||
x | |||||||
CVE-2022-1725 [other] Vim Multiple issues were addressed by updating Vim. Multiple issues in Vim |
|||||||
x | |||||||
CVE-2022-1616 [other] Vim Multiple issues were addressed by updating Vim. Multiple issues in Vim |
|||||||
x | |||||||
CVE-2022-1619 [other] Vim Multiple issues were addressed by updating Vim. Multiple issues in Vim |
|||||||
x | |||||||
CVE-2022-1620 [other] Vim Multiple issues were addressed by updating Vim. Multiple issues in Vim |
|||||||
x | |||||||
CVE-2022-1621 [other] Vim Multiple issues were addressed by updating Vim. Multiple issues in Vim |
|||||||
x | |||||||
CVE-2022-1629 [other] Vim Multiple issues were addressed by updating Vim. Multiple issues in Vim |
|||||||
x | |||||||
CVE-2022-1674 [other] Vim Multiple issues were addressed by updating Vim. Multiple issues in Vim |
|||||||
x | |||||||
CVE-2022-1733 [other] Vim Multiple issues were addressed by updating Vim. Multiple issues in Vim |
|||||||
x | |||||||
CVE-2022-1735 [other] Vim Multiple issues were addressed by updating Vim. Multiple issues in Vim |
|||||||
x | |||||||
CVE-2022-1769 [other] Vim Multiple issues were addressed by updating Vim. Multiple issues in Vim |
|||||||
x | |||||||
CVE-2022-1927 [other] Vim Multiple issues were addressed by updating Vim. Multiple issues in Vim |
|||||||
x | |||||||
CVE-2022-1942 [other] Vim Multiple issues were addressed by updating Vim. Multiple issues in Vim |
|||||||
x | |||||||
CVE-2022-1968 [other] Vim Multiple issues were addressed by updating Vim. Multiple issues in Vim |
|||||||
x | |||||||
CVE-2022-1851 [other] Vim Multiple issues were addressed by updating Vim. Multiple issues in Vim |
|||||||
x | |||||||
CVE-2022-1897 [other] Vim Multiple issues were addressed by updating Vim. Multiple issues in Vim |
|||||||
x | |||||||
CVE-2022-1898 [other] Vim Multiple issues were addressed by updating Vim. Multiple issues in Vim |
|||||||
x | |||||||
CVE-2022-1720 [other] Vim Multiple issues were addressed by updating Vim. Multiple issues in Vim |
|||||||
x | |||||||
CVE-2022-2000 [other] Vim Multiple issues were addressed by updating Vim. Multiple issues in Vim |
|||||||
x | |||||||
CVE-2022-2042 [other] Vim Multiple issues were addressed by updating Vim. Multiple issues in Vim |
|||||||
x | |||||||
CVE-2022-2124 [other] Vim Multiple issues were addressed by updating Vim. Multiple issues in Vim |
|||||||
x | |||||||
CVE-2022-2125 [other] Vim Multiple issues were addressed by updating Vim. Multiple issues in Vim |
|||||||
x | |||||||
CVE-2022-2126 [other] Vim Multiple issues were addressed by updating Vim. Multiple issues in Vim |
|||||||
x | |||||||
CVE-2022-32875 [important] Weather A logic issue was addressed with improved state management. An app may be able to read sensitive location information |
|||||||
x |
---
Johannes B. Ullrich, Ph.D. , Dean of Research, SANS.edu
Twitter|
Application Security: Securing Web Apps, APIs, and Microservices | Washington | Dec 13th - Dec 18th 2024 |
Comments