Apple Patches Actively Exploited Vulnerability in macOS, iOS and iPadOS,
Apple today patched two flaws in macOS. One of the flaws has also been fixed for iOS and iPadOS. The AppleAVD flaw patched in across all the operating systems is critical as it allows arbitrary code execution with kernel privileges, and the flaw has been actively exploited.
The second vulnerability, an out-of-bounds read issue for kernel memory, only affects macOS and may be useful to exploit other vulnerabilities.
You probably should patch quickly given that the more severe flaw is already being exploited.
Catalina | BigSur | Monterey | tvOS | iOS/iPadOS | watchOS | ||
---|---|---|---|---|---|---|---|
CVE-2022-22675 [Critical] AppleAVD An out-of-bounds write issue was addressed with improved bounds checking. An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited. |
|||||||
x | x | ||||||
CVE-2022-22674 [important] Intel Graphics Driver An out-of-bounds read issue may lead to the disclosure of kernel memory and was addressed with improved input validation. Apple is aware of a report that this issue may have been actively exploited. An application may be able to read kernel memory |
|||||||
x |
---
Johannes B. Ullrich, Ph.D. , Dean of Research, SANS.edu
Twitter|
My next class:
Application Security: Securing Web Apps, APIs, and Microservices | Online | US Eastern | Jan 27th - Feb 1st 2025 |
×
Diary Archives
Comments