Sign-up

ID

VAR-202210-1930


CVE

CVE-2022-42810


TITLE

Apple iOS and iPadOS Security hole

Trust: 0.6

sources: CNNVD: CNNVD-202210-2347

DESCRIPTION

The issue was addressed with improved memory handling. This issue is fixed in iOS 15.7.1 and iPadOS 15.7.1, tvOS 16.1, iOS 16.1 and iPadOS 16, macOS Ventura 13. Processing a maliciously crafted USD file may disclose memory contents. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2022-10-27-10 Additional information for APPLE-SA-2022-10-24-6 tvOS 16.1 tvOS 16.1 addresses the following issues. Information about the security content is also available at https://support.apple.com/HT213492. AppleMobileFileIntegrity Available for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD Impact: An app may be able to modify protected parts of the file system Description: This issue was addressed by removing additional entitlements. CVE-2022-42825: Mickey Jin (@patch1t) Audio Available for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD Impact: Parsing a maliciously crafted audio file may lead to disclosure of user information Description: The issue was addressed with improved memory handling. CVE-2022-42798: Anonymous working with Trend Micro Zero Day Initiative Entry added October 27, 2022 AVEVideoEncoder Available for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD Impact: An app may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved bounds checks. CVE-2022-32940: ABC Research s.r.o. CFNetwork Available for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD Impact: Processing a maliciously crafted certificate may lead to arbitrary code execution Description: A certificate validation issue existed in the handling of WKWebView. CVE-2022-42813: Jonathan Zhang of Open Computing Facility (ocf.berkeley.edu) Kernel Available for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD Impact: An app may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved memory handling. CVE-2022-32924: Ian Beer of Google Project Zero Kernel Available for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD Impact: A remote user may be able to cause kernel code execution Description: An out-of-bounds write issue was addressed with improved bounds checking. CVE-2022-42808: Zweig of Kunlun Lab Kernel Available for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD Impact: An app may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved state management. CVE-2022-32944: Tim Michaud (@TimGMichaud) of Moveworks.ai Entry added October 27, 2022 Kernel Available for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD Impact: An app may be able to execute arbitrary code with kernel privileges Description: A race condition was addressed with improved locking. CVE-2022-42803: Xinru Chi of Pangu Lab, John Aakerblom (@jaakerblom) Entry added October 27, 2022 Kernel Available for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD Impact: An app with root privileges may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved bounds checks. CVE-2022-32926: Tim Michaud (@TimGMichaud) of Moveworks.ai Entry added October 27, 2022 Kernel Available for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD Impact: An app may be able to execute arbitrary code with kernel privileges Description: A logic issue was addressed with improved checks. CVE-2022-42801: Ian Beer of Google Project Zero Entry added October 27, 2022 Model I/O Available for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD Impact: Processing a maliciously crafted USD file may disclose memory contents Description: The issue was addressed with improved memory handling. CVE-2022-42810: Xingwei Lin (@xwlin_roy) and Yinyi Wu of Ant Security Light-Year Lab Entry added October 27, 2022 Sandbox Available for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD Impact: An app may be able to access user-sensitive data Description: An access issue was addressed with additional sandbox restrictions. CVE-2022-42811: Justin Bui (@slyd0g) of Snowflake WebKit Available for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD Impact: Visiting a malicious website may lead to user interface spoofing Description: The issue was addressed with improved UI handling. WebKit Bugzilla: 243693 CVE-2022-42799: Jihwan Kim (@gPayl0ad), Dohyun Lee (@l33d0hyun) WebKit Available for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A type confusion issue was addressed with improved memory handling. WebKit Bugzilla: 244622 CVE-2022-42823: Dohyun Lee (@l33d0hyun) of SSD Labs WebKit Available for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD Impact: Processing maliciously crafted web content may disclose sensitive user information Description: A logic issue was addressed with improved state management. WebKit Bugzilla: 245058 CVE-2022-42824: Abdulrahman Alqabandi of Microsoft Browser Vulnerability Research, Ryan Shin of IAAI SecLab at Korea University, Dohyun Lee (@l33d0hyun) of DNSLab at Korea University WebKit Available for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD Impact: Processing maliciously crafted web content may disclose internal states of the app Description: A correctness issue in the JIT was addressed with improved checks. WebKit Bugzilla: 242964 CVE-2022-32923: Wonyoung Jung (@nonetype_pwn) of KAIST Hacking Lab Entry added October 27, 2022 Additional recognition iCloud We would like to acknowledge Tim Michaud (@TimGMichaud) of Moveworks.ai for their assistance. Kernel We would like to acknowledge Peter Nguyen of STAR Labs, Tim Michaud (@TimGMichaud) of Moveworks.ai, Tommy Muir (@Muirey03) for their assistance. WebKit We would like to acknowledge Maddie Stone of Google Project Zero, Narendra Bhati (@imnarendrabhati) of Suma Soft Pvt. Ltd., an anonymous researcher for their assistance. Apple TV will periodically check for software updates. Alternatively, you may manually check for software updates by selecting "Settings -> System -> Software Update -> Update Software." To check the current version of software, select "Settings -> General -> About." All information is also posted on the Apple Security Updates web site: https://support.apple.com/en-us/HT201222. This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEBP+4DupqR5Sgt1DB4RjMIDkeNxkFAmNbKpUACgkQ4RjMIDke NxmJwxAAjSfy9CooaM4dtqHdxCKzuzqRRXrH7h7vDnFdwCyUmJrZYSNAV5AR2W0i qS9pTIMe07Uz5xe4NNd+LzjNYLBvR0YZPwhYyQRFCSQQFcWvFAd8jsI9kn2UJlK6 7dNm/UVE+ztBfAk8O2fLXcAkPG/FqsGFNgVD3LrSy/fZIG3UTe/Q8BGehbD6RX6X wU/eRFSL1RayQHP4136PEiECO1HFLtsMzxyqCUZTwWPVs9CvE1yHS2/0UhgzlN4b 6TJ34AR30+JN5dVthWDLPBlWmaqaDAFiX37xv7vDC36elpr/lhTJ/NkonBVBwSUg dqwPIyoibQ9dVIPtmT0CO7Tn5Q4QlXiFLJKIxNYPBHspEV2nesP8KnupuUrZs3o6 k0q5dJoXUMXZDZH5tokgJQ/ZsYZQA+vSTMpHAWwWddxuARDVI3BnpOBy8KoHH/G1 o4zq5rv0llvYTbH0G/FcNe/MUAb6fU2YXWLU2IfXY3Vf0trLedjEug1B5CGkRuwE abMucUSg7w2nHi0oFuPQQqYzFHOPPatcJnTUGhQ6ioodpsg+DJToAuz1WIBw4SbQ j31KWyc1fGY6eer4spopaePWsHdN5D/nNM2yHgbDb0gwa58v4CFtvI+Cs79dAcEk eOQLXBs0J6cQwbE3HpPxSrzWCYsaaajACdBGCVn5vwV+h3WCecE= =ih0f -----END PGP SIGNATURE-----

Trust: 1.08

sources: NVD: CVE-2022-42810 // VULHUB: VHN-439594 // PACKETSTORM: 169586

AFFECTED PRODUCTS

vendor:applemodel:macosscope:ltversion:13.0

Trust: 1.0

vendor:applemodel:iphone osscope:ltversion:15.7.1

Trust: 1.0

vendor:applemodel:iphone osscope:eqversion:16.0

Trust: 1.0

vendor:applemodel:ipadosscope:ltversion:15.7.1

Trust: 1.0

vendor:applemodel:tvosscope:ltversion:16.1

Trust: 1.0

sources: NVD: CVE-2022-42810

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2022-42810
value: MEDIUM

Trust: 1.0

CNNVD: CNNVD-202210-2347
value: MEDIUM

Trust: 0.6

nvd@nist.gov: CVE-2022-42810
baseSeverity: MEDIUM
baseScore: 5.5
vectorString: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 1.8
impactScore: 3.6
version: 3.1

Trust: 1.0

sources: CNNVD: CNNVD-202210-2347 // NVD: CVE-2022-42810

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

sources: NVD: CVE-2022-42810

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202210-2347

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202210-2347

PATCH

title:Apple iOS and iPadOS Security vulnerabilitiesurl:http://123.124.177.30/web/xxk/bdxqById.tag?id=212515

Trust: 0.6

sources: CNNVD: CNNVD-202210-2347

EXTERNAL IDS

db:NVDid:CVE-2022-42810

Trust: 1.8

db:PACKETSTORMid:169586

Trust: 0.7

db:AUSCERTid:ESB-2022.5305.2

Trust: 0.6

db:AUSCERTid:ESB-2022.5461

Trust: 0.6

db:CNNVDid:CNNVD-202210-2347

Trust: 0.6

db:VULHUBid:VHN-439594

Trust: 0.1

sources: VULHUB: VHN-439594 // PACKETSTORM: 169586 // CNNVD: CNNVD-202210-2347 // NVD: CVE-2022-42810

REFERENCES

url:https://support.apple.com/en-us/ht213490

Trust: 2.3

url:https://support.apple.com/en-us/ht213488

Trust: 1.7

url:https://support.apple.com/en-us/ht213489

Trust: 1.7

url:https://support.apple.com/en-us/ht213492

Trust: 1.7

url:https://packetstormsecurity.com/files/169586/apple-security-advisory-2022-10-27-10.html

Trust: 0.6

url:https://cxsecurity.com/cveshow/cve-2022-42810/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.5461

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.5305.2

Trust: 0.6

url:https://vigilance.fr/vulnerability/apple-ios-multiple-vulnerabilities-39743

Trust: 0.6

url:https://nvd.nist.gov/vuln/detail/cve-2022-42798

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-42808

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-32924

Trust: 0.1

url:https://support.apple.com/en-us/ht201222.

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-32926

Trust: 0.1

url:https://support.apple.com/ht213492.

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-32923

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-42801

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-42803

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-42799

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-42810

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-42811

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-42823

Trust: 0.1

url:https://www.apple.com/support/security/pgp/

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-32940

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-42813

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-32944

Trust: 0.1

sources: VULHUB: VHN-439594 // PACKETSTORM: 169586 // CNNVD: CNNVD-202210-2347 // NVD: CVE-2022-42810

CREDITS

Apple

Trust: 0.1

sources: PACKETSTORM: 169586

SOURCES

db:VULHUBid:VHN-439594
db:PACKETSTORMid:169586
db:CNNVDid:CNNVD-202210-2347
db:NVDid:CVE-2022-42810

LAST UPDATE DATE

2024-08-14T12:32:28.650000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-439594date:2022-11-03T00:00:00
db:CNNVDid:CNNVD-202210-2347date:2022-11-04T00:00:00
db:NVDid:CVE-2022-42810date:2022-11-03T03:54:21.443

SOURCES RELEASE DATE

db:VULHUBid:VHN-439594date:2022-11-01T00:00:00
db:PACKETSTORMid:169586date:2022-10-31T14:50:41
db:CNNVDid:CNNVD-202210-2347date:2022-10-27T00:00:00
db:NVDid:CVE-2022-42810date:2022-11-01T20:15:23.440