CVE-2022-32864

The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.6, iOS 15.7 and iPadOS 15.7, iOS 16, macOS Big Sur 11.7. An app may be able to disclose kernel memory.

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
http://seclists.org/fulldisclosure/2022/Oct/28	Mailing List Third Party Advisory
http://seclists.org/fulldisclosure/2022/Oct/39	Mailing List Third Party Advisory
http://seclists.org/fulldisclosure/2022/Oct/40	Mailing List Third Party Advisory
http://seclists.org/fulldisclosure/2022/Oct/41	Mailing List Third Party Advisory
http://seclists.org/fulldisclosure/2022/Oct/43	Mailing List Third Party Advisory
http://seclists.org/fulldisclosure/2022/Oct/45	Mailing List Third Party Advisory
http://seclists.org/fulldisclosure/2022/Oct/47	Mailing List Third Party Advisory
http://seclists.org/fulldisclosure/2022/Oct/49	Mailing List Third Party Advisory
https://support.apple.com/en-us/HT213443	Release Notes Vendor Advisory
https://support.apple.com/en-us/HT213444	Release Notes Vendor Advisory
https://support.apple.com/en-us/HT213445	Release Notes Vendor Advisory
https://support.apple.com/en-us/HT213446	Release Notes Vendor Advisory
https://support.apple.com/kb/HT213486	Vendor Advisory
https://support.apple.com/kb/HT213487	Vendor Advisory
https://support.apple.com/kb/HT213488	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:apple:ipados::::::::
	cpe:2.3:o:apple:iphone_os::::::::
	cpe:2.3:o:apple:macos::::::::
	cpe:2.3:o:apple:macos::::::::
	cpe:2.3:o:apple:tvos::::::::
	cpe:2.3:o:apple:watchos::::::::

History

04 Nov 2022, 12:46

Type	Values Removed	Values Added
References		(FULLDISC) http://seclists.org/fulldisclosure/2022/Oct/49 - Mailing List, Third Party Advisory (FULLDISC) http://seclists.org/fulldisclosure/2022/Oct/45 - Mailing List, Third Party Advisory (FULLDISC) http://seclists.org/fulldisclosure/2022/Oct/41 - Mailing List, Third Party Advisory (FULLDISC) http://seclists.org/fulldisclosure/2022/Oct/47 - Mailing List, Third Party Advisory (FULLDISC) http://seclists.org/fulldisclosure/2022/Oct/43 - Mailing List, Third Party Advisory (FULLDISC) http://seclists.org/fulldisclosure/2022/Oct/28 - Mailing List, Third Party Advisory (FULLDISC) http://seclists.org/fulldisclosure/2022/Oct/39 - Mailing List, Third Party Advisory (FULLDISC) http://seclists.org/fulldisclosure/2022/Oct/40 - Mailing List, Third Party Advisory
References	~~(CONFIRM) https://support.apple.com/kb/HT213487 -~~	(CONFIRM) https://support.apple.com/kb/HT213487 - Vendor Advisory
References	~~(CONFIRM) https://support.apple.com/kb/HT213486 -~~	(CONFIRM) https://support.apple.com/kb/HT213486 - Vendor Advisory
References	~~(CONFIRM) https://support.apple.com/kb/HT213488 -~~	(CONFIRM) https://support.apple.com/kb/HT213488 - Vendor Advisory
CPE		cpe:2.3:o:apple:tvos:::::::: cpe:2.3:o:apple:watchos::::::::

27 Oct 2022, 22:15

Type	Values Removed	Values Added
References		(CONFIRM) https://support.apple.com/kb/HT213486 - (CONFIRM) https://support.apple.com/kb/HT213487 -

25 Oct 2022, 21:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2022-09-20 21:15

Updated : 2024-02-04 22:51

NVD link : CVE-2022-32864

Mitre link : CVE-2022-32864

CVE.ORG link : CVE-2022-32864

JSON object : View

Products Affected

apple

iphone_os
ipados
macos
watchos
tvos

CWE

NVD-CWE-noinfo

5.5 /10