-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2022-03-14-2 watchOS 8.5 watchOS 8.5 addresses the following issues. Information about the security content is also available at https://support.apple.com/HT213193. Accelerate Framework Available for: Apple Watch Series 3 and later Impact: Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution Description: A memory corruption issue was addressed with improved state management. CVE-2022-22633: an anonymous researcher AppleAVD Available for: Apple Watch Series 3 and later Impact: Processing a maliciously crafted image may lead to heap corruption Description: A memory corruption issue was addressed with improved validation. CVE-2022-22666: Marc Schoenefeld, Dr. rer. nat. ImageIO Available for: Apple Watch Series 3 and later Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: An out-of-bounds read was addressed with improved input validation. CVE-2022-22611: Xingyu Jin of Google ImageIO Available for: Apple Watch Series 3 and later Impact: Processing a maliciously crafted image may lead to heap corruption Description: A memory consumption issue was addressed with improved memory handling. CVE-2022-22612: Xingyu Jin of Google Kernel Available for: Apple Watch Series 3 and later Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved validation. CVE-2022-22596: an anonymous researcher CVE-2022-22640: sqrtpwn Kernel Available for: Apple Watch Series 3 and later Impact: An application may be able to execute arbitrary code with kernel privileges Description: An out-of-bounds write issue was addressed with improved bounds checking. CVE-2022-22613: Alex, an anonymous researcher Kernel Available for: Apple Watch Series 3 and later Impact: An application may be able to execute arbitrary code with kernel privileges Description: A use after free issue was addressed with improved memory management. CVE-2022-22614: an anonymous researcher CVE-2022-22615: an anonymous researcher Kernel Available for: Apple Watch Series 3 and later Impact: A malicious application may be able to elevate privileges Description: A logic issue was addressed with improved state management. CVE-2022-22632: Keegan Saunders Kernel Available for: Apple Watch Series 3 and later Impact: An attacker in a privileged position may be able to perform a denial of service attack Description: A null pointer dereference was addressed with improved validation. CVE-2022-22638: derrek (@derrekr6) libarchive Available for: Apple Watch Series 3 and later Impact: Multiple issues in libarchive Description: Multiple memory corruption issues existed in libarchive. These issues were addressed with improved input validation. CVE-2021-36976 MediaRemote Available for: Apple Watch Series 3 and later Impact: A malicious application may be able to identify what other applications a user has installed Description: An access issue was addressed with improved access restrictions. CVE-2022-22670: Brandon Azad Phone Available for: Apple Watch Series 3 and later Impact: A user may be able to bypass the Emergency SOS passcode prompt Description: This issue was addressed with improved checks. CVE-2022-22618: Yicong Ding (@AntonioDing) Preferences Available for: Apple Watch Series 3 and later Impact: A malicious application may be able to read other applications' settings Description: The issue was addressed with additional permissions checks. CVE-2022-22609: Zhipeng Huo (@R3dF09) and Yuebin Sun (@yuebinsun2020) of Tencent Security Xuanwu Lab (xlab.tencent.com) Safari Available for: Apple Watch Series 3 and later Impact: Visiting a malicious website may lead to address bar spoofing Description: A user interface issue was addressed. CVE-2022-22654: Abdullah Md Shaleh of take0ver Sandbox Available for: Apple Watch Series 3 and later Impact: A malicious application may be able to bypass certain Privacy preferences Description: The issue was addressed with improved permissions logic. CVE-2022-22600: Sudhakar Muthumani of Primefort Private Limited, Khiem Tran Siri Available for: Apple Watch Series 3 and later Impact: A person with physical access to a device may be able to use Siri to obtain some location information from the lock screen Description: A permissions issue was addressed with improved validation. CVE-2022-22599: Andrew Goldberg of the University of Texas at Austin, McCombs School of Business (linkedin.com/andrew-goldberg/) UIKit Available for: Apple Watch Series 3 and later Impact: A person with physical access to an iOS device may be able to see sensitive information via keyboard suggestions Description: This issue was addressed with improved checks. CVE-2022-22621: Joey Hewitt WebKit Available for: Apple Watch Series 3 and later Impact: Processing maliciously crafted web content may disclose sensitive user information Description: A cookie management issue was addressed with improved state management. WebKit Bugzilla: 232748 CVE-2022-22662: Prakash (@1lastBr3ath) of Threat Nix WebKit Available for: Apple Watch Series 3 and later Impact: Processing maliciously crafted web content may lead to code execution Description: A memory corruption issue was addressed with improved state management. WebKit Bugzilla: 232812 CVE-2022-22610: Quan Yin of Bigo Technology Live Client Team WebKit Available for: Apple Watch Series 3 and later Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A use after free issue was addressed with improved memory management. WebKit Bugzilla 233172 CVE-2022-22624: Kirin (@Pwnrin) of Tencent Security Xuanwu Lab WebKit Bugzilla: 234147 CVE-2022-22628: Kirin (@Pwnrin) of Tencent Security Xuanwu Lab WebKit Available for: Apple Watch Series 3 and later Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A buffer overflow issue was addressed with improved memory handling. WebKit Bugzilla: 234966 CVE-2022-22629: Jeonghoon Shin at Theori working with Trend Micro Zero Day Initiative WebKit Available for: Apple Watch Series 3 and later Impact: A malicious website may cause unexpected cross-origin behavior Description: A logic issue was addressed with improved state management. WebKit Bugzilla: 235294 CVE-2022-22637: Tom McKee of Google Additional recognition AirDrop We would like to acknowledge Omar Espino (omespino.com), Ron Masas of BreakPoint.sh for their assistance. Bluetooth We would like to acknowledge an anonymous researcher for their assistance. Face Gallery We would like to acknowledge Tian Zhang (@KhaosT) for their assistance. Safari We would like to acknowledge Konstantin Darutkin of FingerprintJS (fingerprintjs.com) for their assistance. Shortcuts We would like to acknowledge Baibhav Anand Jha of Streamers Land for their assistance. Siri We would like to acknowledge an anonymous researcher for their assistance. syslog We would like to acknowledge Yonghwi Jin (@jinmo123) of Theori for their assistance. UIKit We would like to acknowledge Tim Shadel of Day Logger, Inc. for their assistance. Wallet We would like to acknowledge an anonymous researcher for their assistance. WebKit We would like to acknowledge Abdullah Md Shaleh for their assistance. WebKit Storage We would like to acknowledge Martin Bajanik of FingerprintJS for their assistance. Instructions on how to update your Apple Watch software are available at https://support.apple.com/kb/HT204641 To check the version on your Apple Watch, open the Apple Watch app on your iPhone and select "My Watch > General > About". Alternatively, on your watch, select "My Watch > General > About". All information is also posted on the Apple Security Updates web site: https://support.apple.com/en-us/HT201222. This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEePiLW1MrMjw19XzoeC9qKD1prhgFAmIv0XwACgkQeC9qKD1p rhg7xg/+OVmgvQa8AfIpDqKoFyJQxRWv5eurCr0FWdtmUFmaqSZx1/gIGApxEIX9 Y2b9tEvhejRuUOkX4vpJcYvDsad6NvColSho5it16Hj3aRU3R4VseRmsVbaTwoap MQWRT+EHtB1zWOz9kGTFN6xScPVpnc18IrACQqO5SYB/ovvA6iNlee5OoQtWANd9 0Wm9/MHwVUng2MXmjeDNZ5C8cHt41W4/8brZFBqoThDeaGb+dx/KLNzlzIpN7ttC eCD2xXo6F+Q5uKUuwZHVm2g+PyV6CmeBtZYHGzGGo18fLLreBq7oUBf+KNzRxdTG x517r3SfjnwScVO/NJXa33fWHOrlNWvNwOHPsp1JgX1B/YVGSoJDIWxu3kAdOQ6b Z5ts7CIV8MOchvYG64UVO/Lt4e2/ABlkxF5vRD0k2KRIOWQh7mvTy0b4Reu2sbGF t088QoinhRgWU+JXYSUZ4Nex5lelcF9F2SlOh2CS+VmvfzatV0NiTTPTknP+2/pZ sLPO3oEmoqYczdviEtAZ3ghSrPWqqx1W2xBvnCTlteIZiIprgU/ZOcLaQiaHZ5c5 GKyxZCgguW40SzjrcdnbN9KSk+Pwta5oiKhzA43M+fl25jIic1rTvQIc91uL6/7O 9BSRyu2ZW0bfZEkgjPQF2ui4IBfZ81ayEsmh/e41JCbXnGvNFtY=K1Lq -----END PGP SIGNATURE-----