CVE-2022-32788Classic Buffer Overflow in Apple Macos

CWE-120Classic Buffer Overflow6 documents3 sources
Severity
9.8CRITICALNVD
EPSS
0.9%
top 23.68%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
7
Apple MacosApple TvosApple Watchos+4 more
Timeline
PublishedSep 20
Latest updateSep 21

Description

A buffer overflow was addressed with improved bounds checking. This issue is fixed in watchOS 8.7, tvOS 15.6, iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5. A remote user may be able to cause kernel code execution.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages12 packages

CVEListV5apple/tvosunspecified15.6
NVDapple/tvos< 15.6
CVEListV5apple/macosunspecified12.5
NVDapple/macos12.0.012.5

🔴Vulnerability Details

1
GHSA
GHSA-c5cp-85fr-hmg9: A buffer overflow was addressed with improved bounds checking2022-09-21

📋Vendor Advisories

4
Apple
CVE-2022-32788: iOS 15.6 and iPadOS 15.62022-07-20
Apple
CVE-2022-32788: watchOS 8.72022-07-20
Apple
CVE-2022-32788: macOS Monterey 12.52022-07-20
Apple
CVE-2022-32788: tvOS 15.62022-07-20