CVE-2022-32844

Summary

A race condition was addressed with improved state handling. This issue is fixed in tvOS 15.6, watchOS 8.7, iOS 15.6 and iPadOS 15.6. An app with arbitrary kernel read and write capability may be able to bypass Pointer Authentication.

Affected Software

VendorProductVersion RangeStatus
AppletvOSunspecified < 15.6affected
ApplewatchOSunspecified < 8.7affected
ApplewatchOSunspecified < 15.6affected
ApplewatchOSunspecified < 15.6affected

Weaknesses

  • An app with arbitrary kernel read and write capability may be able to bypass Pointer Authentication

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References