CVE-2022-32924

Sažetak

The issue was addressed with improved memory handling. This issue is fixed in tvOS 16.1, macOS Big Sur 11.7, macOS Ventura 13, watchOS 9.1, iOS 16.1 and iPadOS 16, macOS Monterey 12.6. An app may be able to execute arbitrary code with kernel privileges.

Reference

https://support.apple.com/en-us/HT213443
https://support.apple.com/en-us/HT213444
https://support.apple.com/en-us/HT213488
https://support.apple.com/en-us/HT213492
https://support.apple.com/en-us/HT213491
https://support.apple.com/en-us/HT213489
http://packetstormsecurity.com/files/170010/XNU-Dangling-PTE-Entry.html

CVSS

Base:	7.8
Impact:	5.9
Exploitability:	1.8

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	-

Impact

Povjerljivost	Cjelovitost	Dostupnost
HIGH	HIGH	HIGH

CVSS vektor

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Zadnje važnije ažuriranje

09-01-2023 - 16:41

Objavljeno

01-11-2022 - 20:15