{"id":5740,"date":"2022-05-16T22:55:08","date_gmt":"2022-05-16T20:55:08","guid":{"rendered":"https:\/\/pr.gagadget.com\/apple-patches-dozens-of-security-flaws-with-ios-15-5-over-50-fixes-for-macos-12-4\/"},"modified":"2022-05-16T22:55:08","modified_gmt":"2022-05-16T20:55:08","slug":"apple-patches-dozens-of-security-flaws-with-ios-15-5-over-50-fixes-for-macos-12-4","status":"publish","type":"post","link":"https:\/\/pr.gagadget.com\/en\/apple-patches-dozens-of-security-flaws-with-ios-15-5-over-50-fixes-for-macos-12-4\/","title":{"rendered":"Apple patches dozens of security flaws with iOS 15.5, over 50 fixes for macOS 12.4"},"content":{"rendered":"
Apple patches dozens of security flaws with iOS 15.5, over 50 fixes for macOS 12.4<\/div>\n
\n
\n

Apple has released iOS 15.5, macOS 12.4, and more today with updates like new features for Apple Cash, the Podcasts app, and the Studio Display webcam fix. However, a bigger reason to update your devices is the security patches with today\u2019s releases. iOS 15.5 includes almost 30 security fixes while macOS 12.4 features over 50.<\/p>\n

<\/span>\n\t\t<\/p>\n

Apple shared all the details for the security fixes in its latest software for iPhone, iPad, Mac, and more on its support page<\/a>.<\/p>\n

For both iOS and Mac, many of the flaws could allow malicious apps to execute arbitrary code with kernel privileges. Another for iOS says \u201cA remote attacker may be able to cause unexpected application termination or arbitrary code execution.\u201d<\/p>\n

Specifically on Mac, one of the 50+ flaws fixed was that \u201cPhoto location information may persist after it is removed with Preview Inspector.\u201d<\/p>\n

Important security updates are also available for macOS Big Sur with 11.6.6, macOS Catalina, Xcode 13.4, and watchOS 8.6.<\/p>\n

You can read about all of the vulnerabilities fixed with the latest updates below:<\/p>\n

iOS and macOS security patches:<\/h2>\n
\n

iOS 15.5 and iPadOS 15.5<\/h3>\n

Released May 16, 2022<\/p>\n

AppleAVD<\/strong><\/p>\n

Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)<\/p>\n

Impact: An application may be able to execute arbitrary code with kernel privileges<\/p>\n

Description: A use after free issue was addressed with improved memory management.<\/p>\n

CVE-2022-26702: an anonymous researcher<\/p>\n

AppleGraphicsControl<\/strong><\/p>\n

Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)<\/p>\n

Impact: Processing a maliciously crafted image may lead to arbitrary code execution<\/p>\n

Description: A memory corruption issue was addressed with improved input validation.<\/p>\n

CVE-2022-26751: Michael DePlante (@izobashi) of Trend Micro Zero Day Initiative<\/p>\n

AVEVideoEncoder<\/strong><\/p>\n

Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)<\/p>\n

Impact: An application may be able to execute arbitrary code with kernel privileges<\/p>\n

Description: An out-of-bounds write issue was addressed with improved bounds checking.<\/p>\n

CVE-2022-26736: an anonymous researcher<\/p>\n

CVE-2022-26737: an anonymous researcher<\/p>\n

CVE-2022-26738: an anonymous researcher<\/p>\n

CVE-2022-26739: an anonymous researcher<\/p>\n

CVE-2022-26740: an anonymous researcher<\/p>\n

DriverKit<\/strong><\/p>\n

Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)<\/p>\n

Impact: A malicious application may be able to execute arbitrary code with system privileges<\/p>\n

Description: An out-of-bounds access issue was addressed with improved bounds checking.<\/p>\n

CVE-2022-26763: Linus Henze of Pinauten GmbH (pinauten.de)<\/p>\n

GPU Drivers<\/strong><\/p>\n

Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)<\/p>\n

Impact: An application may be able to execute arbitrary code with kernel privileges<\/p>\n

Description: A memory corruption issue was addressed with improved state management.<\/p>\n

CVE-2022-26744: an anonymous researcher<\/p>\n

ImageIO<\/strong><\/p>\n

Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)<\/p>\n

Impact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution<\/p>\n

Description: An integer overflow issue was addressed with improved input validation.<\/p>\n

CVE-2022-26711: actae0n of Blacksun Hackers Club working with Trend Micro Zero Day Initiative<\/p>\n

IOKit<\/strong><\/p>\n

Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)<\/p>\n

Impact: An application may be able to execute arbitrary code with kernel privileges<\/p>\n

Description: A race condition was addressed with improved locking.<\/p>\n

CVE-2022-26701: chenyuwang (@mzzzz__) of Tencent Security Xuanwu Lab<\/p>\n

IOMobileFrameBuffer<\/strong><\/p>\n

Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)<\/p>\n

Impact: An application may be able to execute arbitrary code with kernel privileges<\/p>\n

Description: A memory corruption issue was addressed with improved state management.<\/p>\n

CVE-2022-26768: an anonymous researcher<\/p>\n

IOSurfaceAccelerator<\/strong><\/p>\n

Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)<\/p>\n

Impact: A malicious application may be able to execute arbitrary code with kernel privileges<\/p>\n

Description: A memory corruption issue was addressed with improved state management.<\/p>\n

CVE-2022-26771: an anonymous researcher<\/p>\n

Kernel<\/strong><\/p>\n

Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)<\/p>\n

Impact: An application may be able to execute arbitrary code with kernel privileges<\/p>\n

Description: A memory corruption issue was addressed with improved validation.<\/p>\n

CVE-2022-26714: Peter Nguy\u1ec5n V\u0169 Ho\u00e0ng (@peternguyen14) of STAR Labs (@starlabs_sg)<\/p>\n

Kernel<\/strong><\/p>\n

Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)<\/p>\n

Impact: An application may be able to execute arbitrary code with kernel privileges<\/p>\n

Description: A use after free issue was addressed with improved memory management.<\/p>\n

CVE-2022-26757: Ned Williamson of Google Project Zero<\/p>\n

Kernel<\/strong><\/p>\n

Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)<\/p>\n

Impact: An attacker that has already achieved kernel code execution may be able to bypass kernel memory mitigations<\/p>\n

Description: A memory corruption issue was addressed with improved validation.<\/p>\n

CVE-2022-26764: Linus Henze of Pinauten GmbH (pinauten.de)<\/p>\n

Kernel<\/strong><\/p>\n

Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)<\/p>\n

Impact: A malicious attacker with arbitrary read and write capability may be able to bypass Pointer Authentication<\/p>\n

Description: A race condition was addressed with improved state handling.<\/p>\n

CVE-2022-26765: Linus Henze of Pinauten GmbH (pinauten.de)<\/p>\n

LaunchServices<\/strong><\/p>\n

Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)<\/p>\n

Impact: A sandboxed process may be able to circumvent sandbox restrictions<\/p>\n

Description: An access issue was addressed with additional sandbox restrictions on third-party applications.<\/p>\n

CVE-2022-26706: Arsenii Kostromin (0x3c3e)<\/p>\n

libxml2<\/strong><\/p>\n

Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)<\/p>\n

Impact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution<\/p>\n

Description: A use after free issue was addressed with improved memory management.<\/p>\n

CVE-2022-23308<\/p>\n

Notes<\/strong><\/p>\n

Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)<\/p>\n

Impact: Processing a large input may lead to a denial of service<\/p>\n

Description: This issue was addressed with improved checks.<\/p>\n

CVE-2022-22673: Abhay Kailasia (@abhay_kailasia) of Lakshmi Narain College Of Technology Bhopal<\/p>\n

Safari Private Browsing<\/strong><\/p>\n

Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)<\/p>\n

Impact: A malicious website may be able to track users in Safari private browsing mode<\/p>\n

Description: A logic issue was addressed with improved state management.<\/p>\n

CVE-2022-26731: an anonymous researcher<\/p>\n

Security<\/strong><\/p>\n

Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)<\/p>\n

Impact: A malicious app may be able to bypass signature validation<\/p>\n

Description: A certificate parsing issue was addressed with improved checks.<\/p>\n

CVE-2022-26766: Linus Henze of Pinauten GmbH (pinauten.de)<\/p>\n

Shortcuts<\/strong><\/p>\n

Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)<\/p>\n

Impact: A person with physical access to an iOS device may be able to access photos from the lock screen<\/p>\n

Description: An authorization issue was addressed with improved state management.<\/p>\n

CVE-2022-26703: Salman Syed (@slmnsd551)<\/p>\n

WebKit<\/strong><\/p>\n

Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)<\/p>\n

Impact: Processing maliciously crafted web content may lead to code execution<\/p>\n

Description: A memory corruption issue was addressed with improved state management.<\/p>\n

WebKit Bugzilla:\u00a0238178
CVE-2022-26700: ryuzaki<\/p>\n

WebKit<\/strong><\/p>\n

Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)<\/p>\n

Impact: Processing maliciously crafted web content may lead to arbitrary code execution<\/p>\n

Description: A use after free issue was addressed with improved memory management.<\/p>\n

WebKit Bugzilla: 236950
CVE-2022-26709: Chijin Zhou of ShuiMuYuLin Ltd and Tsinghua wingtecher lab<\/p>\n

WebKit Bugzilla:\u00a0237475
CVE-2022-26710: Chijin Zhou of ShuiMuYuLin Ltd and Tsinghua wingtecher lab<\/p>\n

WebKit Bugzilla: 238171
CVE-2022-26717: Jeonghoon Shin of Theori<\/p>\n

WebKit<\/strong><\/p>\n

Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)<\/p>\n

Impact: Processing maliciously crafted web content may lead to arbitrary code execution<\/p>\n

Description: A memory corruption issue was addressed with improved state management.<\/p>\n

WebKit Bugzilla: 238183
CVE-2022-26716: SorryMybad (@S0rryMybad) of Kunlun Lab<\/p>\n

WebKit Bugzilla: 238699
CVE-2022-26719: Dongzhuo Zhao working with ADLab of Venustech<\/p>\n

WebRTC<\/strong><\/p>\n

Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)<\/p>\n

Impact: Video self-preview in a webRTC call may be interrupted if the user answers a phone call<\/p>\n

Description: A logic issue in the handling of concurrent media was addressed with improved state handling.<\/p>\n

WebKit Bugzilla: 237524
CVE-2022-22677: an anonymous researcher<\/p>\n

Wi-Fi<\/strong><\/p>\n

Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)<\/p>\n

Impact: A malicious application may disclose restricted memory<\/p>\n

Description: A memory corruption issue was addressed with improved validation.<\/p>\n

CVE-2022-26745: an anonymous researcher<\/p>\n

Wi-Fi<\/strong><\/p>\n

Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)<\/p>\n

Impact: A malicious application may be able to elevate privileges<\/p>\n

Description: A memory corruption issue was addressed with improved state management.<\/p>\n

CVE-2022-26760: 08Tc3wBB of ZecOps Mobile EDR Team<\/p>\n

Wi-Fi<\/strong><\/p>\n

Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)<\/p>\n

Impact: A remote attacker may be able to cause a denial of service<\/p>\n

Description: This issue was addressed with improved checks.<\/p>\n

CVE-2015-4142: Kostya Kortchinsky of Google Security Team<\/p>\n

Wi-Fi<\/strong><\/p>\n

Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)<\/p>\n

Impact: A malicious application may be able to execute arbitrary code with system privileges<\/p>\n

Description: A memory corruption issue was addressed with improved memory handling.<\/p>\n

CVE-2022-26762: Wang Yu of Cyberserval<\/p>\n

\"\"<\/figure>\n

Additional recognition<\/h2>\n

AppleMobileFileIntegrity<\/strong><\/p>\n

We would like to acknowledge Wojciech Regu\u0142a (@_r3ggi) of SecuRing for their assistance.<\/p>\n

FaceTime<\/strong><\/p>\n

We would like to acknowledge Wojciech Regu\u0142a (@_r3ggi) of SecuRing for their assistance.<\/p>\n

WebKit<\/strong><\/p>\n

We would like to acknowledge James Lee, an anonymous researcher for their assistance.<\/p>\n

Wi-Fi<\/strong><\/p>\n

We would like to acknowledge 08Tc3wBB of ZecOps Mobile EDR Team for their assistance.<\/p>\n

\n

macOS Monterey 12.4<\/h3>\n

Released May 16, 2022<\/p>\n

AMD<\/strong><\/p>\n

Available for: macOS Monterey<\/p>\n

Impact: An application may be able to execute arbitrary code with kernel privileges<\/p>\n

Description: A memory corruption issue was addressed with improved state management.<\/p>\n

CVE-2022-26772: an anonymous researcher<\/p>\n

AMD<\/strong><\/p>\n

Available for: macOS Monterey<\/p>\n

Impact: An application may be able to execute arbitrary code with kernel privileges<\/p>\n

Description: A buffer overflow issue was addressed with improved memory handling.<\/p>\n

CVE-2022-26741: ABC Research s.r.o<\/p>\n

CVE-2022-26742: ABC Research s.r.o<\/p>\n

CVE-2022-26749: ABC Research s.r.o<\/p>\n

CVE-2022-26750: ABC Research s.r.o<\/p>\n

CVE-2022-26752: ABC Research s.r.o<\/p>\n

CVE-2022-26753: ABC Research s.r.o<\/p>\n

CVE-2022-26754: ABC Research s.r.o<\/p>\n

apache<\/strong><\/p>\n

Available for: macOS Monterey<\/p>\n

Impact: Multiple issues in apache<\/p>\n

Description: Multiple issues were addressed by updating apache to version 2.4.53.<\/p>\n

CVE-2021-44224<\/p>\n

CVE-2021-44790<\/p>\n

CVE-2022-22719<\/p>\n

CVE-2022-22720<\/p>\n

CVE-2022-22721<\/p>\n

AppleGraphicsControl<\/strong><\/p>\n

Available for: macOS Monterey<\/p>\n

Impact: Processing a maliciously crafted image may lead to arbitrary code execution<\/p>\n

Description: A memory corruption issue was addressed with improved input validation.<\/p>\n

CVE-2022-26751: Michael DePlante (@izobashi) of Trend Micro Zero Day Initiative<\/p>\n

AppleScript<\/strong><\/p>\n

Available for: macOS Monterey<\/p>\n

Impact: Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process memory<\/p>\n

Description: An out-of-bounds read issue was addressed with improved input validation.<\/p>\n

CVE-2022-26697: Qi Sun and Robert Ai of Trend Micro<\/p>\n

AppleScript<\/strong><\/p>\n

Available for: macOS Monterey<\/p>\n

Impact: Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process memory<\/p>\n

Description: An out-of-bounds read issue was addressed with improved bounds checking.<\/p>\n

CVE-2022-26698: Qi Sun of Trend Micro<\/p>\n

AVEVideoEncoder<\/strong><\/p>\n

Available for: macOS Monterey<\/p>\n

Impact: An application may be able to execute arbitrary code with kernel privileges<\/p>\n

Description: An out-of-bounds write issue was addressed with improved bounds checking.<\/p>\n

CVE-2022-26736: an anonymous researcher<\/p>\n

CVE-2022-26737: an anonymous researcher<\/p>\n

CVE-2022-26738: an anonymous researcher<\/p>\n

CVE-2022-26739: an anonymous researcher<\/p>\n

CVE-2022-26740: an anonymous researcher<\/p>\n

Contacts<\/strong><\/p>\n

Available for: macOS Monterey<\/p>\n

Impact: A plug-in may be able to inherit the application\u2019s permissions and access user data<\/p>\n

Description: This issue was addressed with improved checks.<\/p>\n

CVE-2022-26694: Wojciech Regu\u0142a (@_r3ggi) of SecuRing<\/p>\n

CVMS<\/strong><\/p>\n

Available for: macOS Monterey<\/p>\n

Impact: A malicious application may be able to gain root privileges<\/p>\n

Description: A memory initialization issue was addressed.<\/p>\n

CVE-2022-26721: Yonghwi Jin (@jinmo123) of Theori<\/p>\n

CVE-2022-26722: Yonghwi Jin (@jinmo123) of Theori<\/p>\n

DriverKit<\/strong><\/p>\n

Available for: macOS Monterey<\/p>\n

Impact: A malicious application may be able to execute arbitrary code with system privileges<\/p>\n

Description: An out-of-bounds access issue was addressed with improved bounds checking.<\/p>\n

CVE-2022-26763: Linus Henze of Pinauten GmbH (pinauten.de)<\/p>\n

ImageIO<\/strong><\/p>\n

Available for: macOS Monterey<\/p>\n

Impact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution<\/p>\n

Description: An integer overflow issue was addressed with improved input validation.<\/p>\n

CVE-2022-26711: actae0n of Blacksun Hackers Club working with Trend Micro Zero Day Initiative<\/p>\n

ImageIO<\/strong><\/p>\n

Available for: macOS Monterey<\/p>\n

Impact: Photo location information may persist after it is removed with Preview Inspector<\/p>\n

Description: A logic issue was addressed with improved state management.<\/p>\n

CVE-2022-26725: Andrew Williams and Avi Drissman of Google<\/p>\n

Intel Graphics Driver<\/strong><\/p>\n

Available for: macOS Monterey<\/p>\n

Impact: A malicious application may be able to execute arbitrary code with kernel privileges<\/p>\n

Description: An out-of-bounds write issue was addressed with improved bounds checking.<\/p>\n

CVE-2022-26720: Liu Long of Ant Security Light-Year Lab<\/p>\n

Intel Graphics Driver<\/strong><\/p>\n

Available for: macOS Monterey<\/p>\n

Impact: A malicious application may be able to execute arbitrary code with kernel privileges<\/p>\n

Description: A memory corruption issue was addressed with improved input validation.<\/p>\n

CVE-2022-26769: Antonio Zekic (@antoniozekic)<\/p>\n

Intel Graphics Driver<\/strong><\/p>\n

Available for: macOS Monterey<\/p>\n

Impact: A malicious application may be able to execute arbitrary code with kernel privileges<\/p>\n

Description: An out-of-bounds read issue was addressed with improved input validation.<\/p>\n

CVE-2022-26770: Liu Long of Ant Security Light-Year Lab<\/p>\n

Intel Graphics Driver<\/strong><\/p>\n

Available for: macOS Monterey<\/p>\n

Impact: Processing maliciously crafted web content may lead to arbitrary code execution<\/p>\n

Description: An out-of-bounds write issue was addressed with improved input validation.<\/p>\n

CVE-2022-26748: Jeonghoon Shin of Theori working with Trend Micro Zero Day Initiative<\/p>\n

Intel Graphics Driver<\/strong><\/p>\n

Available for: macOS Monterey<\/p>\n

Impact: An application may be able to execute arbitrary code with kernel privileges<\/p>\n

Description: An out-of-bounds write issue was addressed with improved input validation.<\/p>\n

CVE-2022-26756: Jack Dates of RET2 Systems, Inc<\/p>\n

IOKit<\/strong><\/p>\n

Available for: macOS Monterey<\/p>\n

Impact: An application may be able to execute arbitrary code with kernel privileges<\/p>\n

Description: A race condition was addressed with improved locking.<\/p>\n

CVE-2022-26701: chenyuwang (@mzzzz__) of Tencent Security Xuanwu Lab<\/p>\n

IOMobileFrameBuffer<\/strong><\/p>\n

Available for: macOS Monterey<\/p>\n

Impact: An application may be able to execute arbitrary code with kernel privileges<\/p>\n

Description: A memory corruption issue was addressed with improved state management.<\/p>\n

CVE-2022-26768: an anonymous researcher<\/p>\n

Kernel<\/strong><\/p>\n

Available for: macOS Monterey<\/p>\n

Impact: An attacker that has already achieved code execution in macOS Recovery may be able to escalate to kernel privileges<\/p>\n

Description: An out-of-bounds write issue was addressed with improved bounds checking.<\/p>\n

CVE-2022-26743: Jordy Zomer (@pwningsystems)<\/p>\n

Kernel<\/strong><\/p>\n

Available for: macOS Monterey<\/p>\n

Impact: An application may be able to execute arbitrary code with kernel privileges<\/p>\n

Description: A memory corruption issue was addressed with improved validation.<\/p>\n

CVE-2022-26714: Peter Nguy\u1ec5n V\u0169 Ho\u00e0ng (@peternguyen14) of STAR Labs (@starlabs_sg)<\/p>\n

Kernel<\/strong><\/p>\n

Available for: macOS Monterey<\/p>\n

Impact: An application may be able to execute arbitrary code with kernel privileges<\/p>\n

Description: A use after free issue was addressed with improved memory management.<\/p>\n

CVE-2022-26757: Ned Williamson of Google Project Zero<\/p>\n

Kernel<\/strong><\/p>\n

Available for: macOS Monterey<\/p>\n

Impact: An attacker that has already achieved kernel code execution may be able to bypass kernel memory mitigations<\/p>\n

Description: A memory corruption issue was addressed with improved validation.<\/p>\n

CVE-2022-26764: Linus Henze of Pinauten GmbH (pinauten.de)<\/p>\n

Kernel<\/strong><\/p>\n

Available for: macOS Monterey<\/p>\n

Impact: A malicious attacker with arbitrary read and write capability may be able to bypass Pointer Authentication<\/p>\n

Description: A race condition was addressed with improved state handling.<\/p>\n

CVE-2022-26765: Linus Henze of Pinauten GmbH (pinauten.de)<\/p>\n

LaunchServices<\/strong><\/p>\n

Available for: macOS Monterey<\/p>\n

Impact: A sandboxed process may be able to circumvent sandbox restrictions<\/p>\n

Description: An access issue was addressed with additional sandbox restrictions on third-party applications.<\/p>\n

CVE-2022-26706: Arsenii Kostromin (0x3c3e)<\/p>\n

LaunchServices<\/strong><\/p>\n

Available for: macOS Monterey<\/p>\n

Impact: A malicious application may be able to bypass Privacy preferences<\/p>\n

Description: The issue was addressed with additional permissions checks.<\/p>\n

CVE-2022-26767: Wojciech Regu\u0142a (@_r3ggi) of SecuRing<\/p>\n

libresolv<\/strong><\/p>\n

Available for: macOS Monterey<\/p>\n

Impact: An attacker may be able to cause unexpected application termination or arbitrary code execution<\/p>\n

Description: This issue was addressed with improved checks.<\/p>\n

CVE-2022-26776: Zubair Ashraf of Crowdstrike, Max Shavrick (@_mxms) of the Google Security Team<\/p>\n

CVE-2022-26708: Max Shavrick (@_mxms) of the Google Security Team<\/p>\n

libresolv<\/strong><\/p>\n

Available for: macOS Monterey<\/p>\n

Impact: An attacker may be able to cause unexpected application termination or arbitrary code execution<\/p>\n

Description: An integer overflow was addressed with improved input validation.<\/p>\n

CVE-2022-26775: Max Shavrick (@_mxms) of the Google Security Team<\/p>\n

LibreSSL<\/strong><\/p>\n

Available for: macOS Monterey<\/p>\n

Impact: Processing a maliciously crafted certificate may lead to a denial of service<\/p>\n

Description: A denial of service issue was addressed with improved input validation.<\/p>\n

CVE-2022-0778<\/p>\n

libxml2<\/strong><\/p>\n

Available for: macOS Monterey<\/p>\n

Impact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution<\/p>\n

Description: A use after free issue was addressed with improved memory management.<\/p>\n

CVE-2022-23308<\/p>\n

OpenSSL<\/strong><\/p>\n

Available for: macOS Monterey<\/p>\n

Impact: Processing a maliciously crafted certificate may lead to a denial of service<\/p>\n

Description: This issue was addressed with improved checks.<\/p>\n

CVE-2022-0778<\/p>\n

PackageKit<\/strong><\/p>\n

Available for: macOS Monterey<\/p>\n

Impact: A malicious application may be able to modify protected parts of the file system<\/p>\n

Description: This issue was addressed by removing the vulnerable code.<\/p>\n

CVE-2022-26712: Mickey Jin (@patch1t)<\/p>\n

PackageKit<\/strong><\/p>\n

Available for: macOS Monterey<\/p>\n

Impact: A malicious application may be able to modify protected parts of the file system<\/p>\n

Description: This issue was addressed with improved entitlements.<\/p>\n

CVE-2022-26727: Mickey Jin (@patch1t)<\/p>\n

Preview<\/strong><\/p>\n

Available for: macOS Monterey<\/p>\n

Impact: A plug-in may be able to inherit the application\u2019s permissions and access user data<\/p>\n

Description: This issue was addressed with improved checks.<\/p>\n

CVE-2022-26693: Wojciech Regu\u0142a (@_r3ggi) of SecuRing<\/p>\n

Printing<\/strong><\/p>\n

Available for: macOS Monterey<\/p>\n

Impact: A malicious application may be able to bypass Privacy preferences<\/p>\n

Description: This issue was addressed by removing the vulnerable code.<\/p>\n

CVE-2022-26746: @gorelics<\/p>\n

Safari Private Browsing<\/strong><\/p>\n

Available for: macOS Monterey<\/p>\n

Impact: A malicious website may be able to track users in Safari private browsing mode<\/p>\n

Description: A logic issue was addressed with improved state management.<\/p>\n

CVE-2022-26731: an anonymous researcher<\/p>\n

Security<\/strong><\/p>\n

Available for: macOS Monterey<\/p>\n

Impact: A malicious app may be able to bypass signature validation<\/p>\n

Description: A certificate parsing issue was addressed with improved checks.<\/p>\n

CVE-2022-26766: Linus Henze of Pinauten GmbH (pinauten.de)<\/p>\n

SMB<\/strong><\/p>\n

Available for: macOS Monterey<\/p>\n

Impact: An application may be able to gain elevated privileges<\/p>\n

Description: An out-of-bounds write issue was addressed with improved bounds checking.<\/p>\n

CVE-2022-26715: Peter Nguy\u1ec5n V\u0169 Ho\u00e0ng of STAR Labs<\/p>\n

SMB<\/strong><\/p>\n

Available for: macOS Monterey<\/p>\n

Impact: An application may be able to gain elevated privileges<\/p>\n

Description: An out-of-bounds read issue was addressed with improved input validation.<\/p>\n

CVE-2022-26718: Peter Nguy\u1ec5n V\u0169 Ho\u00e0ng of STAR Labs<\/p>\n

SMB<\/strong><\/p>\n

Available for: macOS Monterey<\/p>\n

Impact: Mounting a maliciously crafted Samba network share may lead to arbitrary code execution<\/p>\n

Description: A memory corruption issue was addressed with improved input validation.<\/p>\n

CVE-2022-26723: Felix Poulin-Belanger<\/p>\n

SoftwareUpdate<\/strong><\/p>\n

Available for: macOS Monterey<\/p>\n

Impact: A malicious application may be able to access restricted files<\/p>\n

Description: This issue was addressed with improved entitlements.<\/p>\n

CVE-2022-26728: Mickey Jin (@patch1t)<\/p>\n

Spotlight<\/strong><\/p>\n

Available for: macOS Monterey<\/p>\n

Impact: An app may be able to gain elevated privileges<\/p>\n

Description: A validation issue existed in the handling of symlinks and was addressed with improved validation of symlinks.<\/p>\n

CVE-2022-26704: an anonymous researcher<\/p>\n

TCC<\/strong><\/p>\n

Available for: macOS Monterey<\/p>\n

Impact: An app may be able to capture a user\u2019s screen<\/p>\n

Description: This issue was addressed with improved checks.<\/p>\n

CVE-2022-26726: an anonymous researcher<\/p>\n

Tcl<\/strong><\/p>\n

Available for: macOS Monterey<\/p>\n

Impact: A malicious application may be able to break out of its sandbox<\/p>\n

Description: This issue was addressed with improved environment sanitization.<\/p>\n

CVE-2022-26755: Arsenii Kostromin (0x3c3e)<\/p>\n

WebKit<\/strong><\/p>\n

Available for: macOS Monterey<\/p>\n

Impact: Processing maliciously crafted web content may lead to code execution<\/p>\n

Description: A memory corruption issue was addressed with improved state management.<\/p>\n

WebKit Bugzilla: 238178
CVE-2022-26700: ryuzaki<\/p>\n

WebKit<\/strong><\/p>\n

Available for: macOS Monterey<\/p>\n

Impact: Processing maliciously crafted web content may lead to arbitrary code execution<\/p>\n

Description: A use after free issue was addressed with improved memory management.<\/p>\n

WebKit Bugzilla: 236950
CVE-2022-26709: Chijin Zhou of ShuiMuYuLin Ltd and Tsinghua wingtecher lab<\/p>\n

WebKit Bugzilla: 237475
CVE-2022-26710: Chijin Zhou of ShuiMuYuLin Ltd and Tsinghua wingtecher lab<\/p>\n

WebKit Bugzilla: 238171
CVE-2022-26717: Jeonghoon Shin of Theori<\/p>\n

WebKit<\/strong><\/p>\n

Available for: macOS Monterey<\/p>\n

Impact: Processing maliciously crafted web content may lead to arbitrary code execution<\/p>\n

Description: A memory corruption issue was addressed with improved state management.<\/p>\n

WebKit Bugzilla: 238183
CVE-2022-26716: SorryMybad (@S0rryMybad) of Kunlun Lab<\/p>\n

WebKit Bugzilla: 238699
CVE-2022-26719: Dongzhuo Zhao working with ADLab of Venustech<\/p>\n

WebRTC<\/strong><\/p>\n

Available for: macOS Monterey<\/p>\n

Impact: Video self-preview in a webRTC call may be interrupted if the user answers a phone call<\/p>\n

Description: A logic issue in the handling of concurrent media was addressed with improved state handling.<\/p>\n

WebKit Bugzilla: 237524
CVE-2022-22677: an anonymous researcher<\/p>\n

Wi-Fi<\/strong><\/p>\n

Available for: macOS Monterey<\/p>\n

Impact: A malicious application may disclose restricted memory<\/p>\n

Description: A memory corruption issue was addressed with improved validation.<\/p>\n

CVE-2022-26745: an anonymous researcher<\/p>\n

Wi-Fi<\/strong><\/p>\n

Available for: macOS Monterey<\/p>\n

Impact: An application may be able to execute arbitrary code with kernel privileges<\/p>\n

Description: A memory corruption issue was addressed with improved memory handling.<\/p>\n

CVE-2022-26761: Wang Yu of Cyberserval<\/p>\n

Wi-Fi<\/strong><\/p>\n

Available for: macOS Monterey<\/p>\n

Impact: A malicious application may be able to execute arbitrary code with system privileges<\/p>\n

Description: A memory corruption issue was addressed with improved memory handling.<\/p>\n

CVE-2022-26762: Wang Yu of Cyberserval<\/p>\n

zip<\/strong><\/p>\n

Available for: macOS Monterey<\/p>\n

Impact: Processing a maliciously crafted file may lead to a denial of service<\/p>\n

Description: A denial of service issue was addressed with improved state handling.<\/p>\n

CVE-2022-0530<\/p>\n

zlib<\/strong><\/p>\n

Available for: macOS Monterey<\/p>\n

Impact: An attacker may be able to cause unexpected application termination or arbitrary code execution<\/p>\n

Description: A memory corruption issue was addressed with improved input validation.<\/p>\n

CVE-2018-25032: Tavis Ormandy<\/p>\n

zsh<\/strong><\/p>\n

Available for: macOS Monterey<\/p>\n

Impact: A remote attacker may be able to cause arbitrary code execution<\/p>\n

Description: This issue was addressed by updating to zsh version 5.8.1.<\/p>\n

CVE-2021-45444<\/p>\n

\"\"<\/figure>\n

Additional recognition<\/h2>\n

AppleMobileFileIntegrity<\/strong><\/p>\n

We would like to acknowledge Wojciech Regu\u0142a (@_r3ggi) of SecuRing for their assistance.<\/p>\n

Bluetooth<\/strong><\/p>\n

We would like to acknowledge Jann Horn of Project Zero for their assistance.<\/p>\n

Calendar<\/strong><\/p>\n

We would like to acknowledge Eugene Lim of Government Technology Agency of Singapore for their assistance.<\/p>\n

FaceTime<\/strong><\/p>\n

We would like to acknowledge Wojciech Regu\u0142a (@_r3ggi) of SecuRing for their assistance.<\/p>\n

FileVault<\/strong><\/p>\n

We would like to acknowledge Benjamin Adolphi of Promon Germany GmbH for their assistance.<\/p>\n

Login Window<\/strong><\/p>\n

We would like to acknowledge Csaba Fitzl (@theevilbit) of Offensive Security for their assistance.<\/p>\n

Photo Booth<\/strong><\/p>\n

We would like to acknowledge Wojciech Regu\u0142a (@_r3ggi) of SecuRing for their assistance.<\/p>\n

System Preferences<\/strong><\/p>\n

We would like to acknowledge Mohammad Tausif Siddiqui (@toshsiddiqui), an anonymous researcher for their assistance.<\/p>\n

WebKit<\/strong><\/p>\n

We would like to acknowledge James Lee, an anonymous researcher for their assistance.<\/p>\n

Wi-Fi<\/strong><\/p>\n

We would like to acknowledge Dana Morrison for their assistance.<\/p>\n

\n

\n\t\t\t\t\t<\/div>\n<\/div>\n

https:\/\/i0.wp.com\/9to5mac.com\/wp-content\/uploads\/sites\/6\/2021\/07\/apple-security.jpg?resize=1200%2C628&quality=82&strip=all&ssl=1<\/div>\n
https:\/\/9to5mac.com\/2022\/05\/16\/apple-patches-27-security-flaws-ios-15-5\/<\/div>\n","protected":false},"excerpt":{"rendered":"

Apple patches dozens of security flaws with iOS 15.5, over 50 fixes for macOS 12.4 Apple has released iOS 15.5, macOS 12.4, and more today with updates like new features for Apple Cash, the Podcasts app, and the Studio Display webcam fix. However, a bigger reason to update your devices is the security patches with […]<\/p>\n","protected":false},"author":1,"featured_media":5741,"comment_status":"","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[],"_links":{"self":[{"href":"https:\/\/pr.gagadget.com\/en\/wp-json\/wp\/v2\/posts\/5740"}],"collection":[{"href":"https:\/\/pr.gagadget.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/pr.gagadget.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/pr.gagadget.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/pr.gagadget.com\/en\/wp-json\/wp\/v2\/comments?post=5740"}],"version-history":[{"count":0,"href":"https:\/\/pr.gagadget.com\/en\/wp-json\/wp\/v2\/posts\/5740\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/pr.gagadget.com\/en\/wp-json\/wp\/v2\/media\/5741"}],"wp:attachment":[{"href":"https:\/\/pr.gagadget.com\/en\/wp-json\/wp\/v2\/media?parent=5740"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/pr.gagadget.com\/en\/wp-json\/wp\/v2\/categories?post=5740"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/pr.gagadget.com\/en\/wp-json\/wp\/v2\/tags?post=5740"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}