Apple Security Update 2022-005 Catalina vulnerabilities

CVE-2022-32847 [CRITICAL] CVE-2022-32847: Security Update 2022-005 Catalina Apple Security Update: About the security content of Security Update 2022-005 Catalina Product: Security Update 2022-005 Catalina CVE: CVE-2022-32847 Component: Wi-Fi Impact: A remote user may be able to cause unexpected system termination or corrupt kernel memory Description: This issue was addressed with improved checks.

CVE-2022-32839 [CRITICAL] CVE-2022-32839: Security Update 2022-005 Catalina Apple Security Update: About the security content of Security Update 2022-005 Catalina Product: Security Update 2022-005 Catalina CVE: CVE-2022-32839 Component: CoreText Impact: A remote user may cause an unexpected app termination or arbitrary code execution Description: The issue was addressed with improved bounds checks.

CVE-2022-32853 [HIGH] CVE-2022-32853: Security Update 2022-005 Catalina Apple Security Update: About the security content of Security Update 2022-005 Catalina Product: Security Update 2022-005 Catalina CVE: CVE-2022-32853 Component: AppleScript Impact: Processing a maliciously crafted AppleScript binary may result in unexpected termination or disclosure of process memory Description: An out-of-bounds read issue was addressed with improved input validation.

CVE-2022-32826 [HIGH] CVE-2022-32826: Security Update 2022-005 Catalina Apple Security Update: About the security content of Security Update 2022-005 Catalina Product: Security Update 2022-005 Catalina CVE: CVE-2022-32826 Component: AppleMobileFileIntegrity Impact: An app may be able to gain root privileges Description: An authorization issue was addressed with improved state management.

CVE-2022-32819 [HIGH] CVE-2022-32819: Security Update 2022-005 Catalina Apple Security Update: About the security content of Security Update 2022-005 Catalina Product: Security Update 2022-005 Catalina CVE: CVE-2022-32819 Component: File System Events Impact: An app may be able to gain root privileges Description: A logic issue was addressed with improved state management.

CVE-2021-4136 [HIGH] CVE-2021-4136: Security Update 2022-005 Catalina Apple Security Update: About the security content of Security Update 2022-005 Catalina Product: Security Update 2022-005 Catalina CVE: CVE-2021-4136 Component: CVE-2021-4136

CVE-2022-32807 [HIGH] CVE-2022-32807: Security Update 2022-005 Catalina Apple Security Update: About the security content of Security Update 2022-005 Catalina Product: Security Update 2022-005 Catalina CVE: CVE-2022-32807 Component: Spindump Impact: An app may be able to overwrite arbitrary files Description: This issue was addressed with improved file handling.

CVE-2022-26704 [HIGH] CVE-2022-26704: Security Update 2022-005 Catalina Apple Security Update: About the security content of Security Update 2022-005 Catalina Product: Security Update 2022-005 Catalina CVE: CVE-2022-26704 Component: Spotlight Impact: An app may be able to gain elevated privileges Description: A validation issue in the handling of symlinks was addressed with improved validation of symlinks.

CVE-2021-4173 [HIGH] CVE-2021-4173: Security Update 2022-005 Catalina Apple Security Update: About the security content of Security Update 2022-005 Catalina Product: Security Update 2022-005 Catalina CVE: CVE-2021-4173 Component: CVE-2021-4173

CVE-2022-32860 [HIGH] CVE-2022-32860: Security Update 2022-005 Catalina Apple Security Update: About the security content of Security Update 2022-005 Catalina Product: Security Update 2022-005 Catalina CVE: CVE-2022-32860 Component: Wi-Fi Impact: An app may be able to execute arbitrary code with kernel privileges Description: An out-of-bounds write was addressed with improved input validation.

CVE-2022-32811 [HIGH] CVE-2022-32811: Security Update 2022-005 Catalina Apple Security Update: About the security content of Security Update 2022-005 Catalina Product: Security Update 2022-005 Catalina CVE: CVE-2022-32811 Component: Intel Graphics Driver Impact: An app may be able to execute arbitrary code with kernel privileges Description: A memory corruption vulnerability was addressed with improved locking.

CVE-2021-4166 [HIGH] CVE-2021-4166: Security Update 2022-005 Catalina Apple Security Update: About the security content of Security Update 2022-005 Catalina Product: Security Update 2022-005 Catalina CVE: CVE-2021-4166 Component: CVE-2021-4166

CVE-2022-32843 [HIGH] CVE-2022-32843: Security Update 2022-005 Catalina Apple Security Update: About the security content of Security Update 2022-005 Catalina Product: Security Update 2022-005 Catalina CVE: CVE-2022-32843 Component: PS Normalizer Impact: Processing a maliciously crafted Postscript file may result in unexpected app termination or disclosure of process memory Description: An out-of-bounds write issue was addressed with improved bounds checking.

CVE-2022-32831 [HIGH] CVE-2022-32831: Security Update 2022-005 Catalina Apple Security Update: About the security content of Security Update 2022-005 Catalina Product: Security Update 2022-005 Catalina CVE: CVE-2022-32831 Component: AppleScript Impact: Processing a maliciously crafted AppleScript binary may result in unexpected termination or disclosure of process memory Description: An out-of-bounds read was addressed with improved bounds checking.

CVE-2022-32851 [HIGH] CVE-2022-32851: Security Update 2022-005 Catalina Apple Security Update: About the security content of Security Update 2022-005 Catalina Product: Security Update 2022-005 Catalina CVE: CVE-2022-32851 Component: AppleScript Impact: Processing a maliciously crafted AppleScript binary may result in unexpected termination or disclosure of process memory Description: An out-of-bounds read issue was addressed with improved input validation.

CVE-2022-32910 [HIGH] CVE-2022-32910: Security Update 2022-005 Catalina Apple Security Update: About the security content of Security Update 2022-005 Catalina Product: Security Update 2022-005 Catalina CVE: CVE-2022-32910 Component: Archive Utility Impact: An archive may be able to bypass Gatekeeper Description: A logic issue was addressed with improved checks.

CVE-2022-32842 [HIGH] CVE-2022-32842: Security Update 2022-005 Catalina Apple Security Update: About the security content of Security Update 2022-005 Catalina Product: Security Update 2022-005 Catalina CVE: CVE-2022-32842 Component: SMB Impact: An app may be able to gain elevated privileges Description: An out-of-bounds read issue was addressed with improved input validation.

CVE-2022-32797 [HIGH] CVE-2022-32797: Security Update 2022-005 Catalina Apple Security Update: About the security content of Security Update 2022-005 Catalina Product: Security Update 2022-005 Catalina CVE: CVE-2022-32797 Component: AppleScript Impact: Processing a maliciously crafted AppleScript binary may result in unexpected termination or disclosure of process memory Description: This issue was addressed with improved checks.

CVE-2022-32812 [HIGH] CVE-2022-32812: Security Update 2022-005 Catalina Apple Security Update: About the security content of Security Update 2022-005 Catalina Product: Security Update 2022-005 Catalina CVE: CVE-2022-32812 Component: Intel Graphics Driver Impact: An app may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved memory handling.

CVE-2022-32787 [HIGH] CVE-2022-32787: Security Update 2022-005 Catalina Apple Security Update: About the security content of Security Update 2022-005 Catalina Product: Security Update 2022-005 Catalina CVE: CVE-2022-32787 Component: ICU Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: An out-of-bounds write issue was addressed with improved bounds checking.