exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

Apple Security Advisory 2022-10-27-3

Apple Security Advisory 2022-10-27-3
Posted Oct 31, 2022
Authored by Apple | Site apple.com

Apple Security Advisory 2022-10-27-3 - iOS 16 addresses buffer overflow, bypass, code execution, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities.

tags | advisory, overflow, spoof, vulnerability, code execution
systems | apple, ios
advisories | CVE-2021-36690, CVE-2022-1622, CVE-2022-26744, CVE-2022-32795, CVE-2022-32827, CVE-2022-32835, CVE-2022-32854, CVE-2022-32858, CVE-2022-32859, CVE-2022-32864, CVE-2022-32865, CVE-2022-32866, CVE-2022-32867, CVE-2022-32868
SHA-256 | f72f652240009ad6885c95e399eeada938afdca8ed7e90acdcc02793817280ae

Apple Security Advisory 2022-10-27-3

Change Mirror Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

APPLE-SA-2022-10-27-3 Additional information for APPLE-SA-2022-09-12-1 iOS 16

iOS 16 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT213446.

Accelerate Framework
Available for: iPhone 8 and later
Impact: Processing a maliciously crafted image may lead to arbitrary
code execution
Description: A memory consumption issue was addressed with improved
memory handling.
CVE-2022-42795: ryuzaki
Entry added October 27, 2022

AppleAVD
Available for: iPhone 8 and later
Impact: An app may be able to cause a denial-of-service
Description: A memory corruption issue was addressed with improved
state management.
CVE-2022-32827: Antonio Zekic (@antoniozekic), Natalie Silvanovich of
Google Project Zero, and an anonymous researcher
Entry added October 27, 2022

AppleAVD
Available for: iPhone 8 and later
Impact: An app may be able to execute arbitrary code with kernel
privileges
Description: This issue was addressed with improved checks.
CVE-2022-32907: Natalie Silvanovich of Google Project Zero, Antonio
Zekic (@antoniozekic) and John Aakerblom (@jaakerblom), ABC Research
s.r.o, Yinyi Wu, Tommaso Bianco (@cutesmilee__)
Entry added October 27, 2022

Apple Neural Engine
Available for: iPhone 8 and later
Impact: An app may be able to leak sensitive kernel state
Description: The issue was addressed with improved memory handling.
CVE-2022-32858: Mohamed Ghannam (@_simo36)
Entry added October 27, 2022

Apple Neural Engine
Available for: iPhone 8 and later
Impact: An app may be able to execute arbitrary code with kernel
privileges
Description: The issue was addressed with improved memory handling.
CVE-2022-32898: Mohamed Ghannam (@_simo36)
CVE-2022-32899: Mohamed Ghannam (@_simo36)
CVE-2022-32889: Mohamed Ghannam (@_simo36)
Entry added October 27, 2022

Apple TV
Available for: iPhone 8 and later
Impact: An app may be able to access user-sensitive data
Description: The issue was addressed with improved handling of
caches.
CVE-2022-32909: Csaba Fitzl (@theevilbit) of Offensive Security
Entry added October 27, 2022

Contacts
Available for: iPhone 8 and later
Impact: An app may be able to bypass Privacy preferences
Description: This issue was addressed with improved checks.
CVE-2022-32854: Holger Fuhrmannek of Deutsche Telekom Security

Crash Reporter
Available for: iPhone 8 and later
Impact: A user with physical access to an iOS device may be able to
read past diagnostic logs
Description: This issue was addressed with improved data protection.
CVE-2022-32867: Kshitij Kumar and Jai Musunuri of Crowdstrike
Entry added October 27, 2022

DriverKit
Available for: iPhone 8 and later
Impact: An app may be able to execute arbitrary code with kernel
privileges
Description: The issue was addressed with improved memory handling.
CVE-2022-32865: Linus Henze of Pinauten GmbH (pinauten.de)
Entry added October 27, 2022

Exchange
Available for: iPhone 8 and later
Impact: A user in a privileged network position may be able to
intercept mail credentials
Description: A logic issue was addressed with improved restrictions.
CVE-2022-32928: an anonymous researcher
Entry added October 27, 2022

GPU Drivers
Available for: iPhone 8 and later
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
state management.
CVE-2022-26744: an anonymous researcher
Entry added October 27, 2022

GPU Drivers
Available for: iPhone 8 and later
Impact: An app may be able to execute arbitrary code with kernel
privileges
Description: A use after free issue was addressed with improved
memory management.
CVE-2022-32903: an anonymous researcher
Entry added October 27, 2022

ImageIO
Available for: iPhone 8 and later
Impact: Processing an image may lead to a denial-of-service
Description: A denial-of-service issue was addressed with improved
validation.
CVE-2022-1622
Entry added October 27, 2022

Image Processing
Available for: iPhone 8 and later
Impact: A sandboxed app may be able to determine which app is
currently using the camera
Description: The issue was addressed with additional restrictions on
the observability of app states.
CVE-2022-32913: Yiğit Can YILMAZ (@yilmazcanyigit)
Entry added October 27, 2022

IOGPUFamily
Available for: iPhone 8 and later
Impact: An app may be able to execute arbitrary code with kernel
privileges
Description: The issue was addressed with improved memory handling.
CVE-2022-32887: an anonymous researcher
Entry added October 27, 2022

Kernel
Available for: iPhone 8 and later
Impact: An app may be able to execute arbitrary code with kernel
privileges
Description: A use after free issue was addressed with improved
memory management.
CVE-2022-32914: Zweig of Kunlun Lab
Entry added October 27, 2022

Kernel
Available for: iPhone 8 and later
Impact: An app may be able to execute arbitrary code with kernel
privileges
Description: The issue was addressed with improved memory handling.
CVE-2022-32866: Linus Henze of Pinauten GmbH (pinauten.de)
CVE-2022-32911: Zweig of Kunlun Lab
Entry updated October 27, 2022

Kernel
Available for: iPhone 8 and later
Impact: An app may be able to disclose kernel memory
Description: The issue was addressed with improved memory handling.
CVE-2022-32864: Linus Henze of Pinauten GmbH (pinauten.de)

Kernel
Available for: iPhone 8 and later
Impact: An application may be able to execute arbitrary code with
kernel privileges.
Description: The issue was addressed with improved bounds checks.
CVE-2022-32917: an anonymous researcher

Maps
Available for: iPhone 8 and later
Impact: An app may be able to read sensitive location information
Description: A logic issue was addressed with improved restrictions.
CVE-2022-32883: Ron Masas, breakpointhq.com

MediaLibrary
Available for: iPhone 8 and later
Impact: A user may be able to elevate privileges
Description: A memory corruption issue was addressed with improved
input validation.
CVE-2022-32908: an anonymous researcher

Notifications
Available for: iPhone 8 and later
Impact: A user with physical access to a device may be able to access
contacts from the lock screen
Description: A logic issue was addressed with improved state
management.
CVE-2022-32879: Ubeydullah Sümer
Entry added October 27, 2022

Photos
Available for: iPhone 8 and later
Impact: An app may be able to bypass Privacy preferences
Description: This issue was addressed with improved data protection.
CVE-2022-32918: an anonymous researcher, Jugal Goradia of Aastha
Technologies, Srijan Shivam Mishra of The Hack Report, Evan Ricafort
(evanricafort.com) of Invalid Web Security, Amod Raghunath Patwardhan
of Pune, India, Ashwani Rajput of Nagarro Software Pvt. Ltd
Entry added October 27, 2022

Safari
Available for: iPhone 8 and later
Impact: Visiting a malicious website may lead to address bar spoofing
Description: This issue was addressed with improved checks.
CVE-2022-32795: Narendra Bhati of Suma Soft Pvt. Ltd. Pune (India)
@imnarendrabhati

Safari Extensions
Available for: iPhone 8 and later
Impact: A website may be able to track users through Safari web
extensions
Description: A logic issue was addressed with improved state
management.
WebKit Bugzilla: 242278
CVE-2022-32868: Michael

Sandbox
Available for: iPhone 8 and later
Impact: An app may be able to modify protected parts of the file
system
Description: A logic issue was addressed with improved restrictions.
CVE-2022-32881: Csaba Fitzl (@theevilbit) of Offensive Security
Entry added October 27, 2022

Security
Available for: iPhone 8 and later
Impact: An app may be able to bypass code signing checks
Description: An issue in code signature validation was addressed with
improved checks.
CVE-2022-42793: Linus Henze of Pinauten GmbH (pinauten.de)
Entry added October 27, 2022

Shortcuts
Available for: iPhone 8 and later
Impact: A person with physical access to an iOS device may be able to
access photos from the lock screen
Description: A logic issue was addressed with improved restrictions.
CVE-2022-32872: Elite Tech Guru

Sidecar
Available for: iPhone 8 and later
Impact: A user may be able to view restricted content from the lock
screen
Description: A logic issue was addressed with improved state
management.
CVE-2022-42790: Om kothawade of Zaprico Digital
Entry added October 27, 2022

Siri
Available for: iPhone 8 and later
Impact: A user with physical access to a device may be able to use
Siri to obtain some call history information
Description: A logic issue was addressed with improved state
management.
CVE-2022-32870: Andrew Goldberg of The McCombs School of Business,
The University of Texas at Austin (linkedin.com/andrew-goldberg-/)
Entry added October 27, 2022

SQLite
Available for: iPhone 8 and later
Impact: A remote user may be able to cause a denial-of-service
Description: This issue was addressed with improved checks.
CVE-2021-36690
Entry added October 27, 2022

Time Zone
Available for: iPhone 8 and later
Impact: Deleted contacts may still appear in spotlight search results
Description: A logic issue was addressed with improved state
management.
CVE-2022-32859
Entry added October 27, 2022

Watch app
Available for: iPhone 8 and later
Impact: An app may be able to read a persistent device identifier
Description: This issue was addressed with improved entitlements.
CVE-2022-32835: Guilherme Rambo of Best Buddy Apps (rambo.codes)
Entry added October 27, 2022

Weather
Available for: iPhone 8 and later
Impact: An app may be able to read sensitive location information
Description: A logic issue was addressed with improved state
management.
CVE-2022-32875: an anonymous researcher
Entry added October 27, 2022

WebKit
Available for: iPhone 8 and later
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: An out-of-bounds write issue was addressed with improved
bounds checking.
WebKit Bugzilla: 242047
CVE-2022-32888: P1umer (@p1umer)
Entry added October 27, 2022

WebKit
Available for: iPhone 8 and later
Impact: Visiting a website that frames malicious content may lead to
UI spoofing
Description: The issue was addressed with improved UI handling.
WebKit Bugzilla: 243236
CVE-2022-32891: @real_as3617, and an anonymous researcher
Entry added October 27, 2022

WebKit
Available for: iPhone 8 and later
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A buffer overflow issue was addressed with improved
memory handling.
WebKit Bugzilla: 241969
CVE-2022-32886: P1umer, afang5472, xmzyshypnc

WebKit
Available for: iPhone 8 and later
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: An out-of-bounds read was addressed with improved bounds
checking.
WebKit Bugzilla: 242762
CVE-2022-32912: Jeonghoon Shin (@singi21a) at Theori working with
Trend Micro Zero Day Initiative

WebKit Sandboxing
Available for: iPhone 8 and later
Impact: A sandboxed process may be able to circumvent sandbox
restrictions
Description: An access issue was addressed with improvements to the
sandbox.
WebKit Bugzilla: 243181
CVE-2022-32892: @18楼梦想改造家 and @jq0904 of DBAppSecurity's WeBin lab
Entry added October 27, 2022

Wi-Fi
Available for: iPhone 8 and later
Impact: An app may be able to cause unexpected system termination or
write kernel memory
Description: An out-of-bounds write issue was addressed with improved
bounds checking.
CVE-2022-32925: Wang Yu of Cyberserval
Entry added October 27, 2022

Additional recognition

AirDrop
We would like to acknowledge Alexander Heinrich, Milan Stute, and
Christian Weinert of Technical University of Darmstadt for their
assistance.
Entry added October 27, 2022

AppleCredentialManager
We would like to acknowledge @jonathandata1 for their assistance.
Entry added October 27, 2022

Calendar UI
We would like to acknowledge Abhay Kailasia (@abhay_kailasia) of
Lakshmi Narain College Of Technology Bhopal for their assistance.
Entry added October 27, 2022

FaceTime
We would like to acknowledge an anonymous researcher for their
assistance.
Entry added October 27, 2022

Find My
We would like to acknowledge an anonymous researcher for their
assistance.
Entry added October 27, 2022

Game Center
We would like to acknowledge Joshua Jones for their assistance.

iCloud
We would like to acknowledge Bülent Aytulun, and an anonymous
researcher for their assistance.
Entry added October 27, 2022

Identity Services
We would like to acknowledge Joshua Jones for their assistance.

Kernel
We would like to acknowledge Pan ZhenPeng(@Peterpan0927), Tingting
Yin of Tsinghua University, and Min Zheng of Ant Group, and an
anonymous researcher for their assistance.
Entry added October 27, 2022

Mail
We would like to acknowledge an anonymous researcher for their
assistance.
Entry added October 27, 2022

Notes
We would like to acknowledge Edward Riley of Iron Cloud Limited
(ironclouduk.com) for their assistance.
Entry added October 27, 2022

Photo Booth
We would like to acknowledge Prashanth Kannan of Dremio for their
assistance.
Entry added October 27, 2022

Sandbox
We would like to acknowledge Csaba Fitzl (@theevilbit) of Offensive
Security for their assistance.
Entry added October 27, 2022

Shortcuts
We would like to acknowledge Shay Dror for their assistance.
Entry added October 27, 2022

SOS
We would like to acknowledge Xianfeng Lu and Lei Ai of OPPO Amber
Security Lab for their assistance.
Entry added October 27, 2022

UIKit
We would like to acknowledge Aleczander Ewing, Simon de Vegt, and an
anonymous researcher for their assistance.
Entry added October 27, 2022

WebKit
We would like to acknowledge an anonymous researcher for their
assistance.
Entry added October 27, 2022

WebRTC
We would like to acknowledge an anonymous researcher for their
assistance.
Entry added October 27, 2022

This update is available through iTunes and Software Update on your
iOS device, and will not appear in your computer's Software Update
application, or in the Apple Downloads site. Make sure you have an
Internet connection and have installed the latest version of iTunes
from https://www.apple.com/itunes/ iTunes and Software Update on the
device will automatically check Apple's update server on its weekly
schedule. When an update is detected, it is downloaded and the option
to be installed is presented to the user when the iOS device is
docked. We recommend applying the update immediately if possible.
Selecting Don't Install will present the option the next time you
connect your iOS device. The automatic update process may take up to
a week depending on the day that iTunes or the device checks for
updates. You may manually obtain the update via the Check for Updates
button within iTunes, or the Software Update on your device. To
check that the iPhone, iPod touch, or iPad has been updated: *
Navigate to Settings * Select General * Select About. The version
after applying this update will be "iOS 16".
All information is also posted on the Apple Security Updates
web site: https://support.apple.com/en-us/HT201222.

This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEBP+4DupqR5Sgt1DB4RjMIDkeNxkFAmNbKpoACgkQ4RjMIDke
NxkQ8w/9FMTP02t/AKe0nXZ44UhfMLy7Sx88gpWRHaWKZtdjPADC2kxx1RbVSvrC
C5nB6bw2zGppE1V284QitcNG9WrGGTINK6Knshv0PCkWLZnh1sYqX2bYbKmY6Ol7
K+lRk6zicF3k7KcCZRly6UuJ8RvfPpa2wKuVVv5FBPM8bPRuovVRiRxGUWuO7emM
ZXyp4n5u+GldW8n8hRK/jxwGGwrKqFmXL9Ecd79I2/4uYmEx6tmoAYuEZs26BfjK
Etd1F54PlewmyUKvVlWiwLhpVgygRqkmvW+jKwX46gBzwHFK88B9IV6wf8ZD5JaU
Ur+nqEjiqmbYdcfV8pu64eRNnlTiCmD/ehJg8sNG38m9SeqOw3ZNVaQ8+sgoXwsp
rpsPDPsXmPqqadxERe7LwLXSm4KtTARdGbEffHAA5eqc+U0ja2u3piqk8ZKTrC6K
tORrDjSkKx9AILbds99Wzbnb1rfF/09N1+LPQT7Ac8PCA/kE+XQ+nmSDoInh8PTU
rFt3ZW9Ud0q6Y2Ix11WYrb6wOqs/vafaW5zXTnNfgKNvw2zO/9yKYhaqIjlGtLSJ
Og/O1sdcPMPisBGQynF7Dj42riQD5RQGbB/GmfgRqUHFXwcWJxFRblkwUxbjuEaR
nYRj90cDbUE2wmsE4y4uFfCVpKTQCQCKXuSuBkOQje0KjTDHWac=
=I+iq
-----END PGP SIGNATURE-----


Login or Register to add favorites

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close