ID

VAR-202302-1951


CVE

CVE-2022-46712


TITLE

apple's  macOS  Vulnerability in using free memory in

Trust: 0.8

sources: JVNDB: JVNDB-2022-020467

DESCRIPTION

A use after free issue was addressed with improved memory management. This issue is fixed in macOS Ventura 13. An app may be able to cause unexpected system termination or potentially execute code with kernel privileges. apple's macOS Exists in a vulnerability related to the use of freed memory.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

Trust: 1.8

sources: NVD: CVE-2022-46712 // JVNDB: JVNDB-2022-020467 // VULHUB: VHN-447286 // VULMON: CVE-2022-46712

AFFECTED PRODUCTS

vendor:applemodel:macosscope:ltversion:13.0

Trust: 1.0

vendor:アップルmodel:macosscope:eqversion:13.0

Trust: 0.8

vendor:アップルmodel:macosscope:eqversion: -

Trust: 0.8

sources: JVNDB: JVNDB-2022-020467 // NVD: CVE-2022-46712

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2022-46712
value: HIGH

Trust: 1.0

NVD: CVE-2022-46712
value: HIGH

Trust: 0.8

CNNVD: CNNVD-202302-2157
value: HIGH

Trust: 0.6

nvd@nist.gov: CVE-2022-46712
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: CVE-2022-46712
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: JVNDB: JVNDB-2022-020467 // CNNVD: CNNVD-202302-2157 // NVD: CVE-2022-46712

PROBLEMTYPE DATA

problemtype:CWE-416

Trust: 1.1

problemtype:Use of freed memory (CWE-416) [NVD evaluation ]

Trust: 0.8

sources: VULHUB: VHN-447286 // JVNDB: JVNDB-2022-020467 // NVD: CVE-2022-46712

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202302-2157

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-202302-2157

PATCH

title:HT213488 Apple  Security updateurl:https://support.apple.com/en-us/HT213488

Trust: 0.8

title:Apple macOS Remediation of resource management error vulnerabilitiesurl:http://123.124.177.30/web/xxk/bdxqById.tag?id=228167

Trust: 0.6

sources: JVNDB: JVNDB-2022-020467 // CNNVD: CNNVD-202302-2157

EXTERNAL IDS

db:NVDid:CVE-2022-46712

Trust: 3.4

db:JVNDBid:JVNDB-2022-020467

Trust: 0.8

db:CNNVDid:CNNVD-202302-2157

Trust: 0.6

db:VULHUBid:VHN-447286

Trust: 0.1

db:VULMONid:CVE-2022-46712

Trust: 0.1

sources: VULHUB: VHN-447286 // VULMON: CVE-2022-46712 // JVNDB: JVNDB-2022-020467 // CNNVD: CNNVD-202302-2157 // NVD: CVE-2022-46712

REFERENCES

url:https://support.apple.com/en-us/ht213488

Trust: 1.8

url:https://nvd.nist.gov/vuln/detail/cve-2022-46712

Trust: 0.8

url:https://cxsecurity.com/cveshow/cve-2022-46712/

Trust: 0.6

url:https://nvd.nist.gov

Trust: 0.1

sources: VULHUB: VHN-447286 // VULMON: CVE-2022-46712 // JVNDB: JVNDB-2022-020467 // CNNVD: CNNVD-202302-2157 // NVD: CVE-2022-46712

SOURCES

db:VULHUBid:VHN-447286
db:VULMONid:CVE-2022-46712
db:JVNDBid:JVNDB-2022-020467
db:CNNVDid:CNNVD-202302-2157
db:NVDid:CVE-2022-46712

LAST UPDATE DATE

2024-08-14T13:21:05.040000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-447286date:2023-03-08T00:00:00
db:VULMONid:CVE-2022-46712date:2023-02-27T00:00:00
db:JVNDBid:JVNDB-2022-020467date:2023-11-02T02:30:00
db:CNNVDid:CNNVD-202302-2157date:2023-03-09T00:00:00
db:NVDid:CVE-2022-46712date:2023-03-08T17:44:06.633

SOURCES RELEASE DATE

db:VULHUBid:VHN-447286date:2023-02-27T00:00:00
db:VULMONid:CVE-2022-46712date:2023-02-27T00:00:00
db:JVNDBid:JVNDB-2022-020467date:2023-11-02T00:00:00
db:CNNVDid:CNNVD-202302-2157date:2023-02-27T00:00:00
db:NVDid:CVE-2022-46712date:2023-02-27T20:15:12.887