ID

VAR-202212-1537


CVE

CVE-2022-32916


TITLE

apple's  iOS  Out-of-bounds read vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2022-023665

DESCRIPTION

An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue is fixed in iOS 16. An app may be able to disclose kernel memory. apple's iOS Exists in an out-of-bounds read vulnerability.Information may be obtained

Trust: 1.8

sources: NVD: CVE-2022-32916 // JVNDB: JVNDB-2022-023665 // VULHUB: VHN-425005 // VULMON: CVE-2022-32916

AFFECTED PRODUCTS

vendor:applemodel:iphone osscope:ltversion:16.0

Trust: 1.0

vendor:アップルmodel:iosscope:eqversion: -

Trust: 0.8

vendor:アップルmodel:iosscope:eqversion:16.0

Trust: 0.8

sources: JVNDB: JVNDB-2022-023665 // NVD: CVE-2022-32916

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2022-32916
value: MEDIUM

Trust: 1.0

NVD: CVE-2022-32916
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-202212-3335
value: MEDIUM

Trust: 0.6

nvd@nist.gov: CVE-2022-32916
baseSeverity: MEDIUM
baseScore: 5.5
vectorString: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 1.8
impactScore: 3.6
version: 3.1

Trust: 1.0

NVD: CVE-2022-32916
baseSeverity: MEDIUM
baseScore: 5.5
vectorString: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: JVNDB: JVNDB-2022-023665 // CNNVD: CNNVD-202212-3335 // NVD: CVE-2022-32916

PROBLEMTYPE DATA

problemtype:CWE-125

Trust: 1.1

problemtype:Out-of-bounds read (CWE-125) [NVD evaluation ]

Trust: 0.8

sources: VULHUB: VHN-425005 // JVNDB: JVNDB-2022-023665 // NVD: CVE-2022-32916

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202212-3335

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-202212-3335

PATCH

title:HT213446 Apple  Security updateurl:https://support.apple.com/en-us/HT213446

Trust: 0.8

title:Apple iOS Buffer error vulnerability fixurl:http://123.124.177.30/web/xxk/bdxqById.tag?id=218514

Trust: 0.6

sources: JVNDB: JVNDB-2022-023665 // CNNVD: CNNVD-202212-3335

EXTERNAL IDS

db:NVDid:CVE-2022-32916

Trust: 3.4

db:JVNDBid:JVNDB-2022-023665

Trust: 0.8

db:CNNVDid:CNNVD-202212-3335

Trust: 0.6

db:VULHUBid:VHN-425005

Trust: 0.1

db:VULMONid:CVE-2022-32916

Trust: 0.1

sources: VULHUB: VHN-425005 // VULMON: CVE-2022-32916 // JVNDB: JVNDB-2022-023665 // CNNVD: CNNVD-202212-3335 // NVD: CVE-2022-32916

REFERENCES

url:https://support.apple.com/en-us/ht213446

Trust: 1.8

url:https://nvd.nist.gov/vuln/detail/cve-2022-32916

Trust: 1.4

url:https://cxsecurity.com/cveshow/cve-2022-32916/

Trust: 0.6

url:https://nvd.nist.gov

Trust: 0.1

sources: VULHUB: VHN-425005 // VULMON: CVE-2022-32916 // JVNDB: JVNDB-2022-023665 // CNNVD: CNNVD-202212-3335 // NVD: CVE-2022-32916

SOURCES

db:VULHUBid:VHN-425005
db:VULMONid:CVE-2022-32916
db:JVNDBid:JVNDB-2022-023665
db:CNNVDid:CNNVD-202212-3335
db:NVDid:CVE-2022-32916

LAST UPDATE DATE

2024-08-14T15:16:19.910000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-425005date:2022-12-20T00:00:00
db:VULMONid:CVE-2022-32916date:2022-12-15T00:00:00
db:JVNDBid:JVNDB-2022-023665date:2023-11-29T06:08:00
db:CNNVDid:CNNVD-202212-3335date:2022-12-21T00:00:00
db:NVDid:CVE-2022-32916date:2022-12-20T15:07:20.097

SOURCES RELEASE DATE

db:VULHUBid:VHN-425005date:2022-12-15T00:00:00
db:VULMONid:CVE-2022-32916date:2022-12-15T00:00:00
db:JVNDBid:JVNDB-2022-023665date:2023-11-29T00:00:00
db:CNNVDid:CNNVD-202212-3335date:2022-12-15T00:00:00
db:NVDid:CVE-2022-32916date:2022-12-15T19:15:17.950