CVE-2022-32907

Sažetak

This issue was addressed with improved checks. This issue is fixed in tvOS 16, iOS 16, watchOS 9. An app may be able to execute arbitrary code with kernel privileges.

Reference

http://packetstormsecurity.com/files/169930/AppleAVD-AppleAVDUserClient-decodeFrameFig-Memory-Corruption.html
https://support.apple.com/en-us/HT213446
https://support.apple.com/en-us/HT213486
https://support.apple.com/en-us/HT213487
http://packetstormsecurity.com/files/169930/AppleAVD-AppleAVDUserClient-decodeFrameFig-Memory-Corruption.html
https://support.apple.com/en-us/HT213446
https://support.apple.com/en-us/HT213486
https://support.apple.com/en-us/HT213487

CVSS

Base:	7.8
Impact:	5.9
Exploitability:	1.8

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
HIGH	HIGH	HIGH

CVSS vektor

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Zadnje važnije ažuriranje

06-05-2025 - 20:15

Objavljeno

01-11-2022 - 20:15