CVE-2022-42864
published 2022-12-15CVE-2022-42864: A race condition was addressed with improved state handling. This issue is fixed in tvOS 16.2, macOS Monterey 12.6.2, macOS Ventura 13.1, macOS Big Sur 11.7.2…
PriorityP182high7CVSS 3.1
AVLACHPRNUIRSUCHIHAH
ITWEXPLOITVulnCheck KEV
Exploited in the wild
EPSS
0.86%
53.8th percentile
A race condition was addressed with improved state handling. This issue is fixed in tvOS 16.2, macOS Monterey 12.6.2, macOS Ventura 13.1, macOS Big Sur 11.7.2, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2. An app may be able to execute arbitrary code with kernel privileges.
Affected
22 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | ios_15.7.2_and_ipados | — | — |
| apple | ios_16.2_and_ipados | — | — |
| apple | ipados | < 15.7.2 | 15.7.2 |
| apple | ipados | >= 16.0 < 16.2 | 16.2 |
| apple | iphone_os | < 15.7.2 | 15.7.2 |
| apple | iphone_os | >= 16.0 < 16.2 | 16.2 |
| apple | macos | < 11.7.2 | 11.7.2 |
| apple | macos | — | — |
| apple | macos | >= 12.0 < 12.6.2 | 12.6.2 |
| apple | macos | >= unspecified < 11.7 | 11.7 |
| apple | macos_big_sur | — | — |
| apple | macos_monterey | — | — |
| apple | macos_ventura | — | — |
| apple | tvos | < 16.2 | 16.2 |
| apple | tvos | >= unspecified < 16.2 | 16.2 |
| apple | tvos | >= unspecified < 13.1 | 13.1 |
| apple | tvos | >= unspecified < 12.6 | 12.6 |
| apple | tvos | >= unspecified < 15.7 | 15.7 |
| apple | tvos16.2 | — | — |
| apple | watchos | < 9.2 | 9.2 |
| apple | watchos | — | — |
| apple | watchos | >= unspecified < 9.2 | 9.2 |
Detection & IOCsextracted from sources · hover to see the quote
- →Vulnerable component is IOHIDFamily kernel extension; monitor for unexpected process interactions with IOHIDFamily that could indicate race condition exploitation leading to kernel-level code execution. ↗
- ·Vulnerability affects multiple Apple platforms; patched versions are tvOS 16.2, macOS Monterey 12.6.2, macOS Ventura 13.1, macOS Big Sur 11.7.2, iOS 15.7.2, iPadOS 15.7.2, iOS 16.2, iPadOS 16.2, and watchOS 9.2. Devices running older versions remain vulnerable. ↗
CVSS provenance
nvdv3.17.0HIGHCVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
vulncheck7.0HIGH
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Apple
CVE-2022-42864: iOS 16.2 and iPadOS 16.2
vendor_apple·2022-12-13·CVSS 7.0
CVE-2022-42864 [HIGH] CVE-2022-42864: iOS 16.2 and iPadOS 16.2
Apple Security Update: About the security content of iOS 16.2 and iPadOS 16.2
Product: iOS 16.2 and iPadOS
Version: 16.2
CVE: CVE-2022-42864
Component: IOHIDFamily
Impact: An app may be able to execute arbitrary code with kernel privileges
Description: A race condition was addressed with improved state handling.
Apple
CVE-2022-42864: iOS 15.7.2 and iPadOS 15.7.2
vendor_apple·2022-12-13·CVSS 7.0
CVE-2022-42864 [HIGH] CVE-2022-42864: iOS 15.7.2 and iPadOS 15.7.2
Apple Security Update: About the security content of iOS 15.7.2 and iPadOS 15.7.2
Product: iOS 15.7.2 and iPadOS
Version: 15.7.2
CVE: CVE-2022-42864
Component: IOHIDFamily
Impact: An app may be able to execute arbitrary code with kernel privileges
Description: A race condition was addressed with improved state handling.
Apple
CVE-2022-42864: macOS Big Sur 11.7.2
vendor_apple·2022-12-13·CVSS 7.0
CVE-2022-42864 [HIGH] CVE-2022-42864: macOS Big Sur 11.7.2
Apple Security Update: About the security content of macOS Big Sur 11.7.2
Product: macOS Big Sur
Version: 11.7.2
CVE: CVE-2022-42864
Component: IOHIDFamily
Impact: An app may be able to execute arbitrary code with kernel privileges
Description: A race condition was addressed with improved state handling.
Apple
CVE-2022-42864: tvOS16.2
vendor_apple·2022-12-13·CVSS 7.0
CVE-2022-42864 [HIGH] CVE-2022-42864: tvOS16.2
Apple Security Update: About the security content of tvOS16.2
Product: tvOS16.2
CVE: CVE-2022-42864
Component: IOHIDFamily
Impact: An app may be able to execute arbitrary code with kernel privileges
Description: A race condition was addressed with improved state handling.
Apple
CVE-2022-42864: watchOS 9.2
vendor_apple·2022-12-13·CVSS 7.0
CVE-2022-42864 [HIGH] CVE-2022-42864: watchOS 9.2
Apple Security Update: About the security content of watchOS 9.2
Product: watchOS
Version: 9.2
CVE: CVE-2022-42864
Component: IOHIDFamily
Impact: An app may be able to execute arbitrary code with kernel privileges
Description: A race condition was addressed with improved state handling.
Apple
CVE-2022-42864: macOS Monterey 12.6.2
vendor_apple·2022-12-13·CVSS 7.0
CVE-2022-42864 [HIGH] CVE-2022-42864: macOS Monterey 12.6.2
Apple Security Update: About the security content of macOS Monterey 12.6.2
Product: macOS Monterey
Version: 12.6.2
CVE: CVE-2022-42864
Component: IOHIDFamily
Impact: An app may be able to execute arbitrary code with kernel privileges
Description: A race condition was addressed with improved state handling.
Apple
CVE-2022-42864: macOS Ventura 13.1
vendor_apple·2022-12-13·CVSS 7.0
CVE-2022-42864 [HIGH] CVE-2022-42864: macOS Ventura 13.1
Apple Security Update: About the security content of macOS Ventura 13.1
Product: macOS Ventura
Version: 13.1
CVE: CVE-2022-42864
Component: IOHIDFamily
Impact: An app may be able to execute arbitrary code with kernel privileges
Description: A race condition was addressed with improved state handling.
GHSA
GHSA-g6qw-hmvp-hf86: A race condition was addressed with improved state handling
ghsa_unreviewed·2022-12-15
CVE-2022-42864 [HIGH] CWE-362 GHSA-g6qw-hmvp-hf86: A race condition was addressed with improved state handling
A race condition was addressed with improved state handling. This issue is fixed in tvOS 16.2, macOS Monterey 12.6.2, macOS Ventura 13.1, macOS Big Sur 11.7.2, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2. An app may be able to execute arbitrary code with kernel privileges.
VulnCheck
Apple ipados Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
vulncheck·2022·CVSS 7.0
CVE-2022-42864 [HIGH] Apple ipados Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
Apple ipados Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
A race condition was addressed with improved state handling. This issue is fixed in tvOS 16.2, macOS Monterey 12.6.2, macOS Ventura 13.1, macOS Big Sur 11.7.2, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2. An app may be able to execute arbitrary code with kernel privileges.
Affected: Apple ipados
Required Action: Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
Exploitation References: https://support.apple.com/kb/HT213531
Exploit PoC: https://vulncheck.com/xdb/27a9c733f5aa
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://seclists.org/fulldisclosure/2022/Dec/20http://seclists.org/fulldisclosure/2022/Dec/21http://seclists.org/fulldisclosure/2022/Dec/23http://seclists.org/fulldisclosure/2022/Dec/24http://seclists.org/fulldisclosure/2022/Dec/25http://seclists.org/fulldisclosure/2022/Dec/26http://seclists.org/fulldisclosure/2022/Dec/27https://support.apple.com/en-us/HT213530https://support.apple.com/en-us/HT213531https://support.apple.com/en-us/HT213532https://support.apple.com/en-us/HT213533https://support.apple.com/en-us/HT213534https://support.apple.com/en-us/HT213535https://support.apple.com/en-us/HT213536http://seclists.org/fulldisclosure/2022/Dec/20http://seclists.org/fulldisclosure/2022/Dec/21http://seclists.org/fulldisclosure/2022/Dec/23http://seclists.org/fulldisclosure/2022/Dec/24http://seclists.org/fulldisclosure/2022/Dec/25http://seclists.org/fulldisclosure/2022/Dec/26http://seclists.org/fulldisclosure/2022/Dec/27https://support.apple.com/en-us/HT213530https://support.apple.com/en-us/HT213531https://support.apple.com/en-us/HT213532https://support.apple.com/en-us/HT213533https://support.apple.com/en-us/HT213534https://support.apple.com/en-us/HT213535https://support.apple.com/en-us/HT213536
2022-12-15
Published
Exploited in the wild