CVE-2022-32844
6.3
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
Summary
A race condition was addressed with improved state handling. This issue is fixed in tvOS 15.6, watchOS 8.7, iOS 15.6 and iPadOS 15.6. An app with arbitrary kernel read and write capability may be able to bypass Pointer Authentication.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Apple | tvOS | unspecified < 15.6 | affected |
| Apple | watchOS | unspecified < 8.7 | affected |
| Apple | watchOS | unspecified < 15.6 | affected |
| Apple | watchOS | unspecified < 15.6 | affected |
Weaknesses
- An app with arbitrary kernel read and write capability may be able to bypass Pointer Authentication
ADP Enrichment
CVE Program Container
Additional References
- https://support.apple.com/en-us/HT213340
- https://support.apple.com/en-us/HT213342
- https://support.apple.com/en-us/HT213346
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: total
References
- https://support.apple.com/en-us/HT213340
- https://support.apple.com/en-us/HT213342
- https://support.apple.com/en-us/HT213346
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.