Apple Tvos16.2 vulnerabilities

CVE-2022-42842 [CRITICAL] CVE-2022-42842: tvOS16.2 Apple Security Update: About the security content of tvOS16.2 Product: tvOS16.2 CVE: CVE-2022-42842 Component: Kernel Impact: A remote user may be able to cause kernel code execution Description: The issue was addressed with improved memory handling.

CVE-2022-42837 [CRITICAL] CVE-2022-42837: tvOS16.2 Apple Security Update: About the security content of tvOS16.2 Product: tvOS16.2 CVE: CVE-2022-42837 Component: IOMobileFrameBuffer Impact: An app may be able to execute arbitrary code with kernel privileges Description: An out-of-bounds write issue was addressed with improved input validation.

CVE-2022-46689 [HIGH] CVE-2022-46689: tvOS16.2 Apple Security Update: About the security content of tvOS16.2 Product: tvOS16.2 CVE: CVE-2022-46689 Component: Kernel Impact: An app may be able to execute arbitrary code with kernel privileges Description: A race condition was addressed with additional validation.

CVE-2022-46691 [HIGH] CVE-2022-46691: tvOS16.2 Apple Security Update: About the security content of tvOS16.2 Product: tvOS16.2 CVE: CVE-2022-46691 Component: WebKit Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A memory consumption issue was addressed with improved memory handling.

CVE-2022-46700 [HIGH] CVE-2022-46700: tvOS16.2 Apple Security Update: About the security content of tvOS16.2 Product: tvOS16.2 CVE: CVE-2022-46700 Component: WebKit Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved input validation.

CVE-2022-42867 [HIGH] CVE-2022-42867: tvOS16.2 Apple Security Update: About the security content of tvOS16.2 Product: tvOS16.2 CVE: CVE-2022-42867 Component: WebKit Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A use after free issue was addressed with improved memory management.

CVE-2022-46690 [HIGH] CVE-2022-46690: tvOS16.2 Apple Security Update: About the security content of tvOS16.2 Product: tvOS16.2 CVE: CVE-2022-46690 Component: IOMobileFrameBuffer Impact: An app may be able to execute arbitrary code with kernel privileges Description: An out-of-bounds write issue was addressed with improved input validation.

CVE-2022-40304 [HIGH] CVE-2022-40304: tvOS16.2 Apple Security Update: About the security content of tvOS16.2 Product: tvOS16.2 CVE: CVE-2022-40304 Component: Kernel Impact: An attacker with arbitrary read and write capability may be able to bypass Pointer Authentication. Apple is aware of a report that this issue may have been exploited against versions of iOS released before iOS 15.7.1. Description: The issue was addressed with improved checks.

CVE-2022-46694 [HIGH] CVE-2022-46694: tvOS16.2 Apple Security Update: About the security content of tvOS16.2 Product: tvOS16.2 CVE: CVE-2022-46694 Component: AppleAVD Impact: Parsing a maliciously crafted video file may lead to kernel code execution Description: An out-of-bounds write issue was addressed with improved input validation.

CVE-2022-46699 [HIGH] CVE-2022-46699: tvOS16.2 Apple Security Update: About the security content of tvOS16.2 Product: tvOS16.2 CVE: CVE-2022-46699 Component: WebKit Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved state management.

CVE-2022-46696 [HIGH] CVE-2022-46696: tvOS16.2 Apple Security Update: About the security content of tvOS16.2 Product: tvOS16.2 CVE: CVE-2022-46696 Component: WebKit Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved input validation.

CVE-2022-42863 [HIGH] CVE-2022-42863: tvOS16.2 Apple Security Update: About the security content of tvOS16.2 Product: tvOS16.2 CVE: CVE-2022-42863 Component: WebKit Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved state management.

CVE-2022-46693 [HIGH] CVE-2022-46693: tvOS16.2 Apple Security Update: About the security content of tvOS16.2 Product: tvOS16.2 CVE: CVE-2022-46693 Component: ImageIO Impact: Processing a maliciously crafted file may lead to arbitrary code execution Description: An out-of-bounds write issue was addressed with improved input validation.

CVE-2022-43454 [HIGH] CVE-2022-43454: tvOS16.2 Apple Security Update: About the security content of tvOS16.2 Product: tvOS16.2 CVE: CVE-2022-43454 Component: Kernel Impact: An app may be able to execute arbitrary code with kernel privileges Description: A double free issue was addressed with improved memory management.

CVE-2022-40303 [HIGH] CVE-2022-40303: tvOS16.2 Apple Security Update: About the security content of tvOS16.2 Product: tvOS16.2 CVE: CVE-2022-40303 Component: Kernel Impact: An attacker with arbitrary read and write capability may be able to bypass Pointer Authentication. Apple is aware of a report that this issue may have been exploited against versions of iOS released before iOS 15.7.1. Description: The issue was addressed with improved checks.

CVE-2022-46701 [HIGH] CVE-2022-46701: tvOS16.2 Apple Security Update: About the security content of tvOS16.2 Product: tvOS16.2 CVE: CVE-2022-46701 Component: Kernel Impact: Connecting to a malicious NFS server may lead to arbitrary code execution with kernel privileges Description: The issue was addressed with improved bounds checks.

CVE-2022-42856 [HIGH] CVE-2022-42856: tvOS16.2 Apple Security Update: About the security content of tvOS16.2 Product: tvOS16.2 CVE: CVE-2022-42856 Component: WebKit Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.1. Description: A type confusion issue was addressed with improved state handling.

CVE-2022-42864 [HIGH] CVE-2022-42864: tvOS16.2 Apple Security Update: About the security content of tvOS16.2 Product: tvOS16.2 CVE: CVE-2022-42864 Component: IOHIDFamily Impact: An app may be able to execute arbitrary code with kernel privileges Description: A race condition was addressed with improved state handling.

CVE-2022-42845 [HIGH] CVE-2022-42845: tvOS16.2 Apple Security Update: About the security content of tvOS16.2 Product: tvOS16.2 CVE: CVE-2022-42845 Component: Kernel Impact: An app with root privileges may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved memory handling.

CVE-2022-42855 [HIGH] CVE-2022-42855: tvOS16.2 Apple Security Update: About the security content of tvOS16.2 Product: tvOS16.2 CVE: CVE-2022-42855 Component: Preferences Impact: An app may be able to use arbitrary entitlements Description: A logic issue was addressed with improved state management.