ID

VAR-202203-0116


CVE

CVE-2022-22641


TITLE

Apple iOS and Apple iPadOS Resource Management Error Vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-202203-1256

DESCRIPTION

A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4, macOS Monterey 12.3. An application may be able to gain elevated privileges. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2022-03-14-3 tvOS 15.4 tvOS 15.4 addresses the following issues. Information about the security content is also available at https://support.apple.com/HT213186. AppleAVD Available for: Apple TV 4K and Apple TV HD Impact: Processing a maliciously crafted image may lead to heap corruption Description: A memory corruption issue was addressed with improved validation. CVE-2022-22666: Marc Schoenefeld, Dr. rer. nat. AVEVideoEncoder Available for: Apple TV 4K and Apple TV HD Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: A buffer overflow was addressed with improved bounds checking. CVE-2022-22634: an anonymous researcher AVEVideoEncoder Available for: Apple TV 4K and Apple TV HD Impact: An application may be able to gain elevated privileges Description: An out-of-bounds write issue was addressed with improved bounds checking. CVE-2022-22635: an anonymous researcher AVEVideoEncoder Available for: Apple TV 4K and Apple TV HD Impact: An application may be able to execute arbitrary code with kernel privileges Description: An out-of-bounds write issue was addressed with improved bounds checking. CVE-2022-22636: an anonymous researcher ImageIO Available for: Apple TV 4K and Apple TV HD Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: An out-of-bounds read was addressed with improved input validation. CVE-2022-22611: Xingyu Jin of Google ImageIO Available for: Apple TV 4K and Apple TV HD Impact: Processing a maliciously crafted image may lead to heap corruption Description: A memory consumption issue was addressed with improved memory handling. CVE-2022-22612: Xingyu Jin of Google IOGPUFamily Available for: Apple TV 4K and Apple TV HD Impact: An application may be able to gain elevated privileges Description: A use after free issue was addressed with improved memory management. CVE-2022-22641: Mohamed Ghannam (@_simo36) Kernel Available for: Apple TV 4K and Apple TV HD Impact: An application may be able to execute arbitrary code with kernel privileges Description: An out-of-bounds write issue was addressed with improved bounds checking. CVE-2022-22613: Alex, an anonymous researcher Kernel Available for: Apple TV 4K and Apple TV HD Impact: An application may be able to execute arbitrary code with kernel privileges Description: A use after free issue was addressed with improved memory management. CVE-2022-22614: an anonymous researcher CVE-2022-22615: an anonymous researcher Kernel Available for: Apple TV 4K and Apple TV HD Impact: A malicious application may be able to elevate privileges Description: A logic issue was addressed with improved state management. CVE-2022-22632: Keegan Saunders Kernel Available for: Apple TV 4K and Apple TV HD Impact: An attacker in a privileged position may be able to perform a denial of service attack Description: A null pointer dereference was addressed with improved validation. CVE-2022-22638: derrek (@derrekr6) Kernel Available for: Apple TV 4K and Apple TV HD Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved validation. CVE-2022-22640: sqrtpwn MediaRemote Available for: Apple TV 4K and Apple TV HD Impact: A malicious application may be able to identify what other applications a user has installed Description: An access issue was addressed with improved access restrictions. CVE-2022-22670: Brandon Azad Preferences Available for: Apple TV 4K and Apple TV HD Impact: A malicious application may be able to read other applications' settings Description: The issue was addressed with additional permissions checks. CVE-2022-22609: Zhipeng Huo (@R3dF09) and Yuebin Sun (@yuebinsun2020) of Tencent Security Xuanwu Lab (xlab.tencent.com) Sandbox Available for: Apple TV 4K and Apple TV HD Impact: A malicious application may be able to bypass certain Privacy preferences Description: The issue was addressed with improved permissions logic. CVE-2022-22600: Sudhakar Muthumani of Primefort Private Limited, Khiem Tran UIKit Available for: Apple TV 4K and Apple TV HD Impact: A person with physical access to an iOS device may be able to see sensitive information via keyboard suggestions Description: This issue was addressed with improved checks. CVE-2022-22621: Joey Hewitt WebKit Available for: Apple TV 4K and Apple TV HD Impact: Processing maliciously crafted web content may disclose sensitive user information Description: A cookie management issue was addressed with improved state management. WebKit Bugzilla: 232748 CVE-2022-22662: Prakash (@1lastBr3ath) of Threat Nix WebKit Available for: Apple TV 4K and Apple TV HD Impact: Processing maliciously crafted web content may lead to code execution Description: A memory corruption issue was addressed with improved state management. WebKit Bugzilla: 232812 CVE-2022-22610: Quan Yin of Bigo Technology Live Client Team WebKit Available for: Apple TV 4K and Apple TV HD Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A use after free issue was addressed with improved memory management. WebKit Bugzilla: 233172 CVE-2022-22624: Kirin (@Pwnrin) of Tencent Security Xuanwu Lab WebKit Bugzilla: 234147 CVE-2022-22628: Kirin (@Pwnrin) of Tencent Security Xuanwu Lab WebKit Available for: Apple TV 4K and Apple TV HD Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A buffer overflow issue was addressed with improved memory handling. WebKit Bugzilla: 234966 CVE-2022-22629: Jeonghoon Shin at Theori working with Trend Micro Zero Day Initiative WebKit Available for: Apple TV 4K and Apple TV HD Impact: A malicious website may cause unexpected cross-origin behavior Description: A logic issue was addressed with improved state management. WebKit Bugzilla: 235294 CVE-2022-22637: Tom McKee of Google Additional recognition Bluetooth We would like to acknowledge an anonymous researcher for their assistance. Siri We would like to acknowledge an anonymous researcher for their assistance syslog We would like to acknowledge Yonghwi Jin (@jinmo123) of Theori for their assistance. UIKit We would like to acknowledge Tim Shadel of Day Logger, Inc. for their assistance. WebKit We would like to acknowledge Abdullah Md Shaleh for their assistance. WebKit Storage We would like to acknowledge Martin Bajanik of FingerprintJS for their assistance. Apple TV will periodically check for software updates. Alternatively, you may manually check for software updates by selecting "Settings -> System -> Software Update -> Update Software." To check the current version of software, select "Settings -> General -> About." All information is also posted on the Apple Security Updates web site: https://support.apple.com/en-us/HT201222. This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEePiLW1MrMjw19XzoeC9qKD1prhgFAmIvyxIACgkQeC9qKD1p rhhDUg//VwUVUUj92pmEmjbj52uKnb1RZohn9dfkA9bESMzRy7wFwMUN973V2SPw T6JpgCab0ZVNxBIfEXJq7wbi2Io08N0UMCE5GPNV0QL79x6ZmYwZREZwdHghrHGh ggQtmYSZPipKLhvVOyXF7PamqHonnibbvfC/iWJSySnmPxQoHG7DoCzrX0wOnVBw dkHEstKVo3eo2/OG/mGhYZw/g8EIAIDQbgP4XTD/m3hRnXbRMFff+7PgaE8cZzdY 45q8ExwqNOTdFoeqsKNmPBIzZJau9fWlekUlGpPXC1ASsiXmiptwvy07RbNLZ1N2 j2lFcLj7Ikzwiwsd7MBIFAMP0OWrT4Ds6YWdcgNX2iBkNoheqqt7AP4kOUnDP28Z VXUriTbra9oPM0ctbZTBrmj7xiYjLbMJ4GRu2kIyGyTG9Wu9xEa3KH5Po1OR1Pxg zG4gXdRIE241E26uee648uIFHhxRcgSdygXANnzkFv5/YslqQdccRD1F6FrJwqgn V+ZFZ17zUhGW37F6Dmnd9LIo9GuiLl14qr1qfUoaQ+J+il2EV1UAv780wxQOuc4I ZnvU4rEjaGmHwSh4/GDUTRFkI/fiA39WYpPkgXKN5yqHJG7AGENaROz3jnOxr/xU JlVOleG7Z6MGdLwHG1i4QaBYrzadFZM20WsEOZ2twQzTVMQUyGk=qxuS -----END PGP SIGNATURE-----

Trust: 1.17

sources: NVD: CVE-2022-22641 // VULHUB: VHN-411269 // VULMON: CVE-2022-22641 // PACKETSTORM: 166316

AFFECTED PRODUCTS

vendor:applemodel:macosscope:ltversion:12.3

Trust: 1.0

vendor:applemodel:ipadosscope:ltversion:15.4

Trust: 1.0

vendor:applemodel:tvosscope:ltversion:15.4

Trust: 1.0

vendor:applemodel:macosscope:gteversion:12.0

Trust: 1.0

vendor:applemodel:iphone osscope:ltversion:15.4

Trust: 1.0

sources: NVD: CVE-2022-22641

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2022-22641
value: CRITICAL

Trust: 1.0

CNNVD: CNNVD-202203-1256
value: CRITICAL

Trust: 0.6

VULHUB: VHN-411269
value: HIGH

Trust: 0.1

VULMON: CVE-2022-22641
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2022-22641
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.1

VULHUB: VHN-411269
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2022-22641
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.1

Trust: 1.0

sources: VULHUB: VHN-411269 // VULMON: CVE-2022-22641 // CNNVD: CNNVD-202203-1256 // NVD: CVE-2022-22641

PROBLEMTYPE DATA

problemtype:CWE-416

Trust: 1.1

sources: VULHUB: VHN-411269 // NVD: CVE-2022-22641

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202203-1256

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-202203-1256

PATCH

title:Apple iOS and Apple iPadOS Remediation of resource management error vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=186770

Trust: 0.6

title:Apple: iOS 15.4 and iPadOS 15.4url:https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories&qid=14b60b166a667fc4faf52d81847a180a

Trust: 0.1

title:Apple: macOS Monterey 12.3url:https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories&qid=f1105c4a20da11497b610b14a1668180

Trust: 0.1

title:CVE-2022-XXXXurl:https://github.com/AlphabugX/CVE-2022-23305

Trust: 0.1

title:CVE-2022-XXXXurl:https://github.com/AlphabugX/CVE-2022-RCE

Trust: 0.1

sources: VULMON: CVE-2022-22641 // CNNVD: CNNVD-202203-1256

EXTERNAL IDS

db:NVDid:CVE-2022-22641

Trust: 1.9

db:PACKETSTORMid:166316

Trust: 0.8

db:CS-HELPid:SB2022031437

Trust: 0.6

db:CNNVDid:CNNVD-202203-1256

Trust: 0.6

db:VULHUBid:VHN-411269

Trust: 0.1

db:VULMONid:CVE-2022-22641

Trust: 0.1

sources: VULHUB: VHN-411269 // VULMON: CVE-2022-22641 // PACKETSTORM: 166316 // CNNVD: CNNVD-202203-1256 // NVD: CVE-2022-22641

REFERENCES

url:https://support.apple.com/en-us/ht213182

Trust: 2.4

url:https://support.apple.com/en-us/ht213183

Trust: 1.8

url:https://support.apple.com/en-us/ht213186

Trust: 1.8

url:https://vigilance.fr/vulnerability/apple-ios-macos-multiple-vulnerabilities-37800

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2022031437

Trust: 0.6

url:https://packetstormsecurity.com/files/166316/apple-security-advisory-2022-03-14-3.html

Trust: 0.6

url:https://cxsecurity.com/cveshow/cve-2022-22641/

Trust: 0.6

url:https://cwe.mitre.org/data/definitions/416.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://support.apple.com/kb/ht213182

Trust: 0.1

url:https://github.com/alphabugx/cve-2022-23305

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-22609

Trust: 0.1

url:https://support.apple.com/ht213186.

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-22629

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-22612

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-22610

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-22670

Trust: 0.1

url:https://support.apple.com/en-us/ht201222.

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-22628

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-22641

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-22634

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-22637

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-22666

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-22636

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-22613

Trust: 0.1

url:https://www.apple.com/support/security/pgp/

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-22621

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-22600

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-22640

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-22638

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-22611

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-22624

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-22632

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-22615

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-22635

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-22614

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-22662

Trust: 0.1

sources: VULHUB: VHN-411269 // VULMON: CVE-2022-22641 // PACKETSTORM: 166316 // CNNVD: CNNVD-202203-1256 // NVD: CVE-2022-22641

CREDITS

Apple

Trust: 0.1

sources: PACKETSTORM: 166316

SOURCES

db:VULHUBid:VHN-411269
db:VULMONid:CVE-2022-22641
db:PACKETSTORMid:166316
db:CNNVDid:CNNVD-202203-1256
db:NVDid:CVE-2022-22641

LAST UPDATE DATE

2024-08-14T12:05:32.687000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-411269date:2022-03-24T00:00:00
db:VULMONid:CVE-2022-22641date:2022-03-24T00:00:00
db:CNNVDid:CNNVD-202203-1256date:2022-03-25T00:00:00
db:NVDid:CVE-2022-22641date:2022-03-24T16:56:36.667

SOURCES RELEASE DATE

db:VULHUBid:VHN-411269date:2022-03-18T00:00:00
db:VULMONid:CVE-2022-22641date:2022-03-18T00:00:00
db:PACKETSTORMid:166316date:2022-03-15T15:46:52
db:CNNVDid:CNNVD-202203-1256date:2022-03-14T00:00:00
db:NVDid:CVE-2022-22641date:2022-03-18T18:15:14.427