ID

VAR-202212-1516


CVE

CVE-2022-42865


TITLE

Vulnerabilities in multiple Apple products

Trust: 0.8

sources: JVNDB: JVNDB-2022-023586

DESCRIPTION

This issue was addressed by enabling hardened runtime. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1, tvOS 16.2, watchOS 9.2. An app may be able to bypass Privacy preferences. iPadOS , iOS , macOS Unspecified vulnerabilities exist in multiple Apple products.Information may be tampered with. Alternatively, on your watch, select "My Watch > General > About". -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2022-12-13-7 tvOS 16.2 tvOS 16.2 addresses the following issues. Information about the security content is also available at https://support.apple.com/HT213535. Accounts Available for: Apple TV 4K, Apple TV 4K (2nd generation and later), and Apple TV HD Impact: A user may be able to view sensitive user information Description: This issue was addressed with improved data protection. CVE-2022-42843: Mickey Jin (@patch1t) AppleAVD Available for: Apple TV 4K, Apple TV 4K (2nd generation and later), and Apple TV HD Impact: Parsing a maliciously crafted video file may lead to kernel code execution Description: An out-of-bounds write issue was addressed with improved input validation. CVE-2022-46694: Andrey Labunets and Nikita Tarakanov AppleMobileFileIntegrity Available for: Apple TV 4K, Apple TV 4K (2nd generation and later), and Apple TV HD Impact: An app may be able to bypass Privacy preferences Description: This issue was addressed by enabling hardened runtime. CVE-2022-42865: Wojciech Reguła (@_r3ggi) of SecuRing AVEVideoEncoder Available for: Apple TV 4K, Apple TV 4K (2nd generation and later), and Apple TV HD Impact: An app may be able to execute arbitrary code with kernel privileges Description: A logic issue was addressed with improved checks. CVE-2022-42848: ABC Research s.r.o ImageIO Available for: Apple TV 4K, Apple TV 4K (2nd generation and later), and Apple TV HD Impact: Processing a maliciously crafted file may lead to arbitrary code execution Description: An out-of-bounds write issue was addressed with improved input validation. CVE-2022-46693: Mickey Jin (@patch1t) ImageIO Available for: Apple TV 4K, Apple TV 4K (2nd generation and later), and Apple TV HD Impact: Parsing a maliciously crafted TIFF file may lead to disclosure of user information Description: The issue was addressed with improved memory handling. CVE-2022-42851: Mickey Jin (@patch1t) IOHIDFamily Available for: Apple TV 4K, Apple TV 4K (2nd generation and later), and Apple TV HD Impact: An app may be able to execute arbitrary code with kernel privileges Description: A race condition was addressed with improved state handling. CVE-2022-42864: Tommy Muir (@Muirey03) IOMobileFrameBuffer Available for: Apple TV 4K, Apple TV 4K (2nd generation and later), and Apple TV HD Impact: An app may be able to execute arbitrary code with kernel privileges Description: An out-of-bounds write issue was addressed with improved input validation. CVE-2022-46690: John Aakerblom (@jaakerblom) Kernel Available for: Apple TV 4K, Apple TV 4K (2nd generation and later), and Apple TV HD Impact: An app may be able to execute arbitrary code with kernel privileges Description: A race condition was addressed with additional validation. CVE-2022-46689: Ian Beer of Google Project Zero Kernel Available for: Apple TV 4K, Apple TV 4K (2nd generation and later), and Apple TV HD Impact: Connecting to a malicious NFS server may lead to arbitrary code execution with kernel privileges Description: The issue was addressed with improved bounds checks. CVE-2022-46701: Felix Poulin-Belanger Kernel Available for: Apple TV 4K, Apple TV 4K (2nd generation and later), and Apple TV HD Impact: A remote user may be able to cause kernel code execution Description: The issue was addressed with improved memory handling. CVE-2022-42842: pattern-f (@pattern_F_) of Ant Security Light-Year Lab Kernel Available for: Apple TV 4K, Apple TV 4K (2nd generation and later), and Apple TV HD Impact: An app with root privileges may be able to execute arbitrary code with kernel privileges Description: The issue was addressed with improved memory handling. CVE-2022-42845: Adam Doupé of ASU SEFCOM libxml2 Available for: Apple TV 4K, Apple TV 4K (2nd generation and later), and Apple TV HD Impact: A remote user may be able to cause unexpected app termination or arbitrary code execution Description: An integer overflow was addressed through improved input validation. CVE-2022-40303: Maddie Stone of Google Project Zero libxml2 Available for: Apple TV 4K, Apple TV 4K (2nd generation and later), and Apple TV HD Impact: A remote user may be able to cause unexpected app termination or arbitrary code execution Description: This issue was addressed with improved checks. CVE-2022-40304: Ned Williamson and Nathan Wachholz of Google Project Zero Preferences Available for: Apple TV 4K, Apple TV 4K (2nd generation and later), and Apple TV HD Impact: An app may be able to use arbitrary entitlements Description: A logic issue was addressed with improved state management. CVE-2022-42855: Ivan Fratric of Google Project Zero Safari Available for: Apple TV 4K, Apple TV 4K (2nd generation and later), and Apple TV HD Impact: Visiting a website that frames malicious content may lead to UI spoofing Description: A spoofing issue existed in the handling of URLs. CVE-2022-46695: KirtiKumar Anandrao Ramchandani Software Update Available for: Apple TV 4K, Apple TV 4K (2nd generation and later), and Apple TV HD Impact: A user may be able to elevate privileges Description: An access issue existed with privileged API calls. CVE-2022-42849: Mickey Jin (@patch1t) Weather Available for: Apple TV 4K, Apple TV 4K (2nd generation and later), and Apple TV HD Impact: An app may be able to read sensitive location information Description: The issue was addressed with improved handling of caches. CVE-2022-42866: an anonymous researcher WebKit Available for: Apple TV 4K, Apple TV 4K (2nd generation and later), and Apple TV HD Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A use after free issue was addressed with improved memory management. WebKit Bugzilla: 245521 CVE-2022-42867: Maddie Stone of Google Project Zero WebKit Available for: Apple TV 4K, Apple TV 4K (2nd generation and later), and Apple TV HD Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A memory consumption issue was addressed with improved memory handling. WebKit Bugzilla: 245466 CVE-2022-46691: an anonymous researcher WebKit Available for: Apple TV 4K, Apple TV 4K (2nd generation and later), and Apple TV HD Impact: Processing maliciously crafted web content may bypass Same Origin Policy Description: A logic issue was addressed with improved state management. WebKit Bugzilla: 246783 CVE-2022-46692: KirtiKumar Anandrao Ramchandani WebKit Available for: Apple TV 4K, Apple TV 4K (2nd generation and later), and Apple TV HD Impact: Processing maliciously crafted web content may result in the disclosure of process memory Description: The issue was addressed with improved memory handling. CVE-2022-42852: hazbinhotel working with Trend Micro Zero Day Initiative WebKit Available for: Apple TV 4K, Apple TV 4K (2nd generation and later), and Apple TV HD Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved input validation. WebKit Bugzilla: 246942 CVE-2022-46696: Samuel Groß of Google V8 Security WebKit Bugzilla: 247562 CVE-2022-46700: Samuel Groß of Google V8 Security WebKit Available for: Apple TV 4K, Apple TV 4K (2nd generation and later), and Apple TV HD Impact: Processing maliciously crafted web content may disclose sensitive user information Description: A logic issue was addressed with improved checks. CVE-2022-46698: Dohyun Lee (@l33d0hyun) of SSD Secure Disclosure Labs & DNSLab, Korea Univ. WebKit Available for: Apple TV 4K, Apple TV 4K (2nd generation and later), and Apple TV HD Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved state management. WebKit Bugzilla: 247420 CVE-2022-46699: Samuel Groß of Google V8 Security WebKit Bugzilla: 244622 CVE-2022-42863: an anonymous researcher WebKit Available for: Apple TV 4K, Apple TV 4K (2nd generation and later), and Apple TV HD Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.1. Description: A type confusion issue was addressed with improved state handling. WebKit Bugzilla: 248266 CVE-2022-42856: Clément Lecigne of Google's Threat Analysis Group Additional recognition Kernel We would like to acknowledge Zweig of Kunlun Lab for their assistance. Safari Extensions We would like to acknowledge Oliver Dunk and Christian R. of 1Password for their assistance. WebKit We would like to acknowledge an anonymous researcher and scarlet for their assistance. Apple TV will periodically check for software updates. Alternatively, you may manually check for software updates by selecting "Settings -> System -> Software Update -> Update Software." To check the current version of software, select "Settings -> General -> About." All information is also posted on the Apple Security Updates web site: https://support.apple.com/en-us/HT201222. This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEBP+4DupqR5Sgt1DB4RjMIDkeNxkFAmOZFX4ACgkQ4RjMIDke NxkItA/+LIwJ66Odl7Uwp1N/qek5Z/TBuPKlbgTwRZGT3LBVMVmyHTBzebA88aNq Pae1RKQ2Txw4w9Tb7a08eeqRQD51MBoSjTxf23tO1o0B1UR3Hgq3gsOSjh/dTq9V Jvy4DpO15xdVHP3BH/li114JpgR+FoD5Du0rPffL01p6YtqeWMSvnRoCmwNcIqou i2ZObfdrL2WJ+IiDIlMoJ3v+B1tDxOWR6Mn37iRdzl+QgrQMQtP9pSsiAPCntA+y eFM5Hp0JlOMtCfA+xT+LRoZHCbjTCFMRlRbNffGvrNwwdTY4MXrSYlKcIo3yFT2m KSHrQNvqzWhmSLAcHlUNo0lVvtPAlrgyilCYaeRNgRC1+x8KRf/AcErXr23oKknJ lzIF6eVk1K3mxUmR+M+P8+cr14pbrUwJcQlm0In6/8fUulHtcElLE3fJ+HJVImx8 RtvNmuCng5iEK1zlwgDvAKO3EgMrMtduF8aygaCcBmt65GMkHwvOGCDXcIrKfH9U sP4eY7V3t4CQd9TX3Vlmt47MwRTSVuUtMcQeQPhEUTdUbM7UlvtW8igrLvkz9uPn CpuE2mzhd/dJANXvMFBR9A0ilAdJO1QD/uSWL+UbKq4BlyiW5etd8gObQfHqqW3C sh0EwxLh4ATicRS9btAJMwIfK/ulYDWp4yuIsUamDj/sN9xWvXY= =i2O9 -----END PGP SIGNATURE-----

Trust: 1.98

sources: NVD: CVE-2022-42865 // JVNDB: JVNDB-2022-023586 // VULHUB: VHN-439678 // VULMON: CVE-2022-42865 // PACKETSTORM: 170318 // PACKETSTORM: 170317

AFFECTED PRODUCTS

vendor:applemodel:iphone osscope:ltversion:16.2

Trust: 1.0

vendor:applemodel:tvosscope:ltversion:16.2

Trust: 1.0

vendor:applemodel:macosscope:ltversion:13.1

Trust: 1.0

vendor:applemodel:ipadosscope:ltversion:16.2

Trust: 1.0

vendor:applemodel:watchosscope:ltversion:9.2

Trust: 1.0

vendor:アップルmodel:tvosscope: - version: -

Trust: 0.8

vendor:アップルmodel:ipadosscope: - version: -

Trust: 0.8

vendor:アップルmodel:iosscope: - version: -

Trust: 0.8

vendor:アップルmodel:watchosscope:eqversion:9.2

Trust: 0.8

vendor:アップルmodel:macosscope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2022-023586 // NVD: CVE-2022-42865

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2022-42865
value: MEDIUM

Trust: 1.0

NVD: CVE-2022-42865
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-202212-3035
value: MEDIUM

Trust: 0.6

nvd@nist.gov: CVE-2022-42865
baseSeverity: MEDIUM
baseScore: 5.5
vectorString: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: HIGH
availabilityImpact: NONE
exploitabilityScore: 1.8
impactScore: 3.6
version: 3.1

Trust: 1.0

NVD: CVE-2022-42865
baseSeverity: MEDIUM
baseScore: 5.5
vectorString: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: HIGH
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: JVNDB: JVNDB-2022-023586 // CNNVD: CNNVD-202212-3035 // NVD: CVE-2022-42865

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

problemtype:Lack of information (CWE-noinfo) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2022-023586 // NVD: CVE-2022-42865

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202212-3035

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202212-3035

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-439678

PATCH

title:HT213536 Apple  Security updateurl:https://support.apple.com/en-us/HT213530

Trust: 0.8

sources: JVNDB: JVNDB-2022-023586

EXTERNAL IDS

db:NVDid:CVE-2022-42865

Trust: 3.6

db:PACKETSTORMid:170318

Trust: 0.8

db:JVNDBid:JVNDB-2022-023586

Trust: 0.8

db:CNNVDid:CNNVD-202212-3035

Trust: 0.6

db:PACKETSTORMid:170317

Trust: 0.2

db:VULHUBid:VHN-439678

Trust: 0.1

db:VULMONid:CVE-2022-42865

Trust: 0.1

sources: VULHUB: VHN-439678 // VULMON: CVE-2022-42865 // JVNDB: JVNDB-2022-023586 // PACKETSTORM: 170318 // PACKETSTORM: 170317 // CNNVD: CNNVD-202212-3035 // NVD: CVE-2022-42865

REFERENCES

url:http://seclists.org/fulldisclosure/2022/dec/20

Trust: 2.5

url:http://seclists.org/fulldisclosure/2022/dec/23

Trust: 2.5

url:http://seclists.org/fulldisclosure/2022/dec/26

Trust: 2.5

url:http://seclists.org/fulldisclosure/2022/dec/27

Trust: 2.5

url:https://support.apple.com/en-us/ht213536

Trust: 2.4

url:https://support.apple.com/en-us/ht213530

Trust: 1.8

url:https://support.apple.com/en-us/ht213532

Trust: 1.8

url:https://support.apple.com/en-us/ht213535

Trust: 1.8

url:https://support.apple.com/kb/ht213534

Trust: 1.6

url:https://nvd.nist.gov/vuln/detail/cve-2022-42865

Trust: 1.0

url:https://cxsecurity.com/cveshow/cve-2022-42865/

Trust: 0.6

url:https://vigilance.fr/vulnerability/apple-ios-macos-multiple-vulnerabilities-of-december-2022-40105

Trust: 0.6

url:https://packetstormsecurity.com/files/170318/apple-security-advisory-2022-12-13-8.html

Trust: 0.6

url:https://www.apple.com/support/security/pgp/

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2022-42849

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2022-42842

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2022-42845

Trust: 0.2

url:https://support.apple.com/en-us/ht201222.

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2022-40303

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2022-42863

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2022-42864

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2022-42843

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2022-42852

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2022-40304

Trust: 0.2

url:https://nvd.nist.gov

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-42867

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-42866

Trust: 0.1

url:https://support.apple.com/kb/ht204641

Trust: 0.1

url:https://support.apple.com/ht213536.

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-42837

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-42859

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-42848

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-42855

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-42851

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2022-42856

Trust: 0.1

url:https://support.apple.com/ht213535.

Trust: 0.1

sources: VULHUB: VHN-439678 // VULMON: CVE-2022-42865 // JVNDB: JVNDB-2022-023586 // PACKETSTORM: 170318 // PACKETSTORM: 170317 // CNNVD: CNNVD-202212-3035 // NVD: CVE-2022-42865

CREDITS

Apple

Trust: 0.2

sources: PACKETSTORM: 170318 // PACKETSTORM: 170317

SOURCES

db:VULHUBid:VHN-439678
db:VULMONid:CVE-2022-42865
db:JVNDBid:JVNDB-2022-023586
db:PACKETSTORMid:170318
db:PACKETSTORMid:170317
db:CNNVDid:CNNVD-202212-3035
db:NVDid:CVE-2022-42865

LAST UPDATE DATE

2024-08-14T12:53:09.936000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-439678date:2023-01-09T00:00:00
db:VULMONid:CVE-2022-42865date:2022-12-15T00:00:00
db:JVNDBid:JVNDB-2022-023586date:2023-11-29T03:22:00
db:CNNVDid:CNNVD-202212-3035date:2023-05-15T00:00:00
db:NVDid:CVE-2022-42865date:2023-05-12T09:15:09.997

SOURCES RELEASE DATE

db:VULHUBid:VHN-439678date:2022-12-15T00:00:00
db:VULMONid:CVE-2022-42865date:2022-12-15T00:00:00
db:JVNDBid:JVNDB-2022-023586date:2023-11-29T00:00:00
db:PACKETSTORMid:170318date:2022-12-22T02:13:22
db:PACKETSTORMid:170317date:2022-12-22T02:12:53
db:CNNVDid:CNNVD-202212-3035date:2022-12-13T00:00:00
db:NVDid:CVE-2022-42865date:2022-12-15T19:15:25.470