SB2022072101 - Multiple vulnerabilities in macOS Monterey
Published: July 21, 2022 Updated: November 6, 2023
Description
This security bulletin contains information about 71 security vulnerabilities.
1) Cleartext transmission of sensitive information (CVE-ID: CVE-2022-32857)
The vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists because Software Update uses an insecure communication channel. A remote attacker on the local network can track the user's activity.
2) Memory leak (CVE-ID: CVE-2022-32823)
The vulnerability allows a local application to gain access to sensitive information.
The vulnerability exists due to a memory leak in libxml2. A local application can gain access to sensitive information.
3) Type Confusion (CVE-ID: CVE-2022-32814)
The vulnerability allows a local application to escalate privileges on the system.
The vulnerability exists due to a type confusion error in Multi-Touch. A local application can trigger a type confusion error and execute arbitrary code with kernel privileges.
4) Input validation error (CVE-ID: CVE-2022-32786)
The vulnerability allows a local application to bypass implemented security restrictions.
The vulnerability exists due to insufficient validation of user-supplied input when parsing environment variables in PackageKit. A local application can modify protected parts of the file system.
5) Input validation error (CVE-ID: CVE-2022-32800)
The vulnerability allows a local application to bypass implemented security restrictions.
The vulnerability exists due to insufficient validation of user-supplied input when parsing environment variables in PackageKit. A local application can modify protected parts of the file system.
6) Information disclosure (CVE-ID: CVE-2022-32838)
The vulnerability allows a local application to gain access to potentially sensitive information.
The vulnerability exists due to a logic error in PluginKit. A local application can read arbitrary files on the system.
7) Out-of-bounds write (CVE-ID: CVE-2022-32843)
The vulnerability allows a remote attacker to compromise the vulnerable system.
The vulnerability exists due to a boundary error when processing a PostScript file in PS Normalizer. A remote attacker can create a specially crafted file, trick the victim into opening it using the affected software, trigger an out-of-bounds write and execute arbitrary code on the target system.
8) Buffer overflow (CVE-ID: CVE-2022-32796)
The vulnerability allows a local application to escalate privileges on the system.
The vulnerability exists due to a boundary error in SMB component. A local application can trigger memory corruption and execute arbitrary code with root privileges.
9) Out-of-bounds read (CVE-ID: CVE-2022-32842)
The vulnerability allows a local application to escalate privileges on the system.
10) Out-of-bounds write (CVE-ID: CVE-2022-32798)
The vulnerability allows a local application to escalate privileges on the system.
The vulnerability exists due to a boundary error in SMB component. A local application can trigger an out-of-bounds write and execute arbitrary code with elevated privileges.
11) Out-of-bounds read (CVE-ID: CVE-2022-32799)
The vulnerability allows a local user to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in SMB component. A local user can trigger an out-of-bounds read error and read contents of memory on the system.
12) Out-of-bounds read (CVE-ID: CVE-2022-32818)
The vulnerability allows a local user to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in SMB component. A local user can trigger an out-of-bounds read error and read kernel memory.
13) Input validation error (CVE-ID: CVE-2022-32807)
The vulnerability allows a local application to overwrite files on the system.
The vulnerability exists due to insufficient validation of user-supplied input in Spindump. A local application can overwrite arbitrary files.
14) Buffer overflow (CVE-ID: CVE-2022-32829)
The vulnerability allows a local application to escalate privileges on the system.
The vulnerability exists due to a boundary error in OS kernel. A local application can trigger memory corruption and execute arbitrary code with root privileges.
15) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2022-32801)
The vulnerability allows a local application to escalate privileges on the system.
The vulnerability exists because Spotlight does not properly impose security restrictions. A local application can execute arbitrary code with root privileges.
16) Information disclosure (CVE-ID: CVE-2021-28544)
The vulnerability allows a remote user to gain access to potentially sensitive information.
The vulnerability exists due to exposure of the node "copyfrom" path copied from a protected location. A remote user can gain unauthorized access to sensitive information on the system.
17) Use-after-free (CVE-ID: CVE-2022-24070)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a use-after-free error within mod_dav_svn. A remote attacker can send specially crafted HTTP requests to the affected application and perform a denial of service (DoS) attack.
18) Stored cross-site scripting (CVE-ID: CVE-2022-29046)
The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.
The vulnerability exists because the affected plugin does not escape the name and description of List Subversion tags (and more) parameters on views displaying parameters. A remote user can inject and execute arbitrary HTML and script code in the user's browser in the context of the vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
19) Cross-site request forgery (CVE-ID: CVE-2022-29048)
The vulnerability allows a remote attacker to perform cross-site request forgery attacks.
The vulnerability exists due to insufficient validation of the HTTP request origin. A remote user can trick the victim to visit a specially crafted web page and perform arbitrary actions on behalf of the victim on the vulnerable website.
20) Security features bypass (CVE-ID: CVE-2022-32834)
The vulnerability allows a local application to gain access to sensitive information.
The vulnerability exists due to an error in TCC. A local application can bypass implemented sandbox restrictions and gain access to sensitive information.
21) Spoofing attack (CVE-ID: CVE-2022-32816)
The vulnerability allows a remote attacker to perform a spoofing attack.
The vulnerability exists due to incorrect processing of user-supplied data in WebKit. A remote attacker can spoof page content.
22) Out-of-bounds write (CVE-ID: CVE-2022-32792)
The vulnerability allows a remote attacker to compromise the vulnerable system.
The vulnerability exists due to a boundary error when processing untrusted input within the B3 JIT compiler in WebKit. A remote attacker can trick the victim into opening a specially crafted webpage, trigger an out-of-bounds write and execute arbitrary code on the target system.
23) Heap-based buffer overflow (CVE-ID: CVE-2022-2294)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error within the WebRTC implementation. A remote attacker can trick the victim to visit a specially crafted website, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.
Note, the vulnerability is being actively exploited in the wild.
24) Out-of-bounds write (CVE-ID: CVE-2022-32837)
The vulnerability allows a local application to escalate privileges on the system.
The vulnerability exists due to a boundary error in the Wi-Fi component. A local application can trigger memory corruption and perform a denial of service attack or execute arbitrary code on the system.
25) Buffer overflow (CVE-ID: CVE-2022-32847)
The vulnerability allows a remote attacker to perform a denial of service attack.
The vulnerability exists due to a boundary error in the Wi-Fi component. A remote attacker can send specially crafted traffic to the system, trigger memory corruption and perform a denial of service (DoS) attack.
26) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2022-32848)
The vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to a logic issue in the Windows Server component. A local application can capture the user's screen.
27) Buffer overflow (CVE-ID: CVE-2022-26981)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error within the compilePassOpcode() function in compileTranslationTable.c. A remote attacker can trick the victim to pass specially crafted data to the application, trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.
28) Out-of-bounds read (CVE-ID: CVE-2022-32817)
The vulnerability allows a local application to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in OS kernel. A local application can trigger an out-of-bounds read error and read contents of kernel memory.
29) Buffer overflow (CVE-ID: CVE-2022-32832)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error within the AppleAPFSUserClient::methodDeltaCreateFinalize() method in APFS. A local user can run a specially crafted program to trigger memory corruption and execute arbitrary code with root privileges.
30) Security features bypass (CVE-ID: CVE-2022-32789)
The vulnerability allows a local application to bypass implemented security restrictions.
The vulnerability exists due to a logic error in the Automation component. A local application can bypass Privacy preferences.
31) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2022-32826)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to improperly imposed security restrictions in AppleMobileFileIntegrity. A local user can execute arbitrary code with root privileges.
32) Buffer overflow (CVE-ID: CVE-2022-32810)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error in Apple Neural Engine. A local user can run a specially crafted program to trigger memory corruption and execute arbitrary code with root privileges.
33) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2022-32840)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to improperly imposed security restrictions in Apple Neural Engine. A local user can execute arbitrary code with root privileges.
34) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2022-32845)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to improperly imposed security restrictions in Apple Neural Engine. A local user can execute arbitrary code with root privileges.
35) Out-of-bounds read (CVE-ID: CVE-2022-32797)
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition within the TASUnparser_PrintObject in AppleScript.framework. A remote attacker can create a specially crafted SCPT file, trick the victim into opening it, trigger out-of-bounds read error and read contents of memory on the system.
36) Out-of-bounds read (CVE-ID: CVE-2022-32851)
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition when handling AppleScript. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger out-of-bounds read error and read contents of memory on the system.
37) Out-of-bounds read (CVE-ID: CVE-2022-32852)
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition when handling AppleScript. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger out-of-bounds read error and read contents of memory on the system.
38) Out-of-bounds read (CVE-ID: CVE-2022-32853)
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition when handling AppleScript. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger out-of-bounds read error and read contents of memory on the system.
39) Out-of-bounds read (CVE-ID: CVE-2022-32831)
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition when handling AppleScript. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger out-of-bounds read error and read contents of memory on the system.
40) Out-of-bounds write (CVE-ID: CVE-2022-32820)
The vulnerability allows a local application to escalate privileges on the system.
The vulnerability exists due to a boundary error when processing untrusted input within the Audio component. A local application can trigger an out-of-bounds write error and execute arbitrary code with root privileges.
41) Buffer overflow (CVE-ID: CVE-2022-32825)
The vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to a boundary error in Audio component. A local user can run a specially crafted program to trigger memory corruption and gain access to sensitive information.
42) Information disclosure (CVE-ID: CVE-2022-32805)
The vulnerability allows a local application to gain access to potentially sensitive information.
The vulnerability exists due to insecure cache implementation in Calendar component. A local application can gain unauthorized access to sensitive information on the system.
43) Buffer overflow (CVE-ID: CVE-2022-32815)
The vulnerability allows a local application to escalate privileges on the system.
The vulnerability exists due to a boundary error in OS kernel. A local application can trigger memory corruption and execute arbitrary code with root privileges.
44) Memory leak (CVE-ID: CVE-2022-32828)
The vulnerability allows a local application to gain access to sensitive information.
The vulnerability exists due to a memory leak in CoreMedia component. A local application can gain access to kernel information.
45) Buffer overflow (CVE-ID: CVE-2022-32839)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in CoreText. A remote attacker can create a specially crafted document, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.
46) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2022-32819)
The vulnerability allows a local application to escalate privileges on the system.
The vulnerability exists due to improperly imposed security restrictions in File System Events. A local application can gain root privileges on the system.
47) Out-of-bounds write (CVE-ID: CVE-2022-32793)
The vulnerability allows a local application to escalate privileges on the system.
The vulnerability exists due to a boundary error in GPU drivers. A local application can trigger an out-of-bounds write error and execute arbitrary code with root privileges.
48) Buffer overflow (CVE-ID: CVE-2022-32821)
The vulnerability allows a local application to escalate privileges on the system.
The vulnerability exists due to a boundary error in GPU drivers. A local application can trigger memory corruption and execute arbitrary code with root privileges.
49) Information disclosure (CVE-ID: CVE-2022-32849)
The vulnerability allows a local application to gain access to potentially sensitive information.
The vulnerability exists due to excessive data output in iCloud Photo Library. A local application can gain unauthorized access to sensitive information on the system.
50) Out-of-bounds write (CVE-ID: CVE-2022-32787)
The vulnerability allows a remote attacker to compromise the vulnerable system.
The vulnerability exists due to a boundary error in ICU components when processing untrusted input. A remote attacker can create a specially crafted file, trick the victim into opening it using the affected software, trigger out-of-bounds write and execute arbitrary code on the target system.
51) Out-of-bounds read (CVE-ID: CVE-2022-32841)
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in ImageIO. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger out-of-bounds read error and read contents of memory on the system.
52) NULL pointer dereference (CVE-ID: CVE-2022-32785)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error in ImageIO. A remote attacker can pass specially crafted data to the application and perform a denial of service (DoS) attack.
53) Buffer overflow (CVE-ID: CVE-2022-32811)
The vulnerability allows a local application to escalate privileges on the system.
The vulnerability exists due to a boundary error in Intel Graphics driver. A local application can trigger memory corruption and execute arbitrary code with root privileges.
54) Buffer overflow (CVE-ID: CVE-2022-32812)
The vulnerability allows a local application to escalate privileges on the system.
The vulnerability exists due to a boundary error in Intel Graphics driver. A local application can trigger memory corruption and execute arbitrary code with root privileges.
55) Buffer overflow (CVE-ID: CVE-2022-32813)
The vulnerability allows a local application to escalate privileges on the system.
The vulnerability exists due to a boundary error in OS kernel. A local application can trigger memory corruption and execute arbitrary code with root privileges.
56) Buffer overflow (CVE-ID: CVE-2022-32788)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in AppleAVD. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the system.
Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.
57) Buffer overflow (CVE-ID: CVE-2022-32802)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in ImageIO. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.
58) Information disclosure (CVE-ID: CVE-2022-32861)
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a logic issue in WebKit. A remote attacker can track users by their IP address.
59) Buffer overflow (CVE-ID: CVE-2022-32863)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing HTML content in WebKit. A remote attacker can create a specially crafted web page, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.
60) Information disclosure (CVE-ID: CVE-2022-32880)
The vulnerability allows a local application to gain access to potentially sensitive information.
The vulnerability exists due to an unspecified error in AppleMobileFileIntegrity. A local application can gain access to sensitive information.
61) Input validation error (CVE-ID: CVE-2022-32910)
The vulnerability allows a remote attacker to bypass implemented security restrictions.
The vulnerability exists due to insufficient validation when processing archives in Archive Utility. A remote attacker can trick the victim to open a specially crafted archive and bypass Gatekeeper protection features.
Successful exploitation of the vulnerability may lead to entire system compromise.
62) Out-of-bounds write (CVE-ID: CVE-2022-32860)
The vulnerability allows a local application to escalate privileges on the system.
The vulnerability exists due to a boundary error within the Wi-Fi subsystem. A local application can trigger an out-of-bounds write error and execute arbitrary code with kernel privileges.
63) Out-of-bounds read (CVE-ID: CVE-2022-32948)
The vulnerability allows a local application to escalate privileges on the system.
The vulnerability exists due to a boundary condition in Apple Neural Engine. A local application can trigger an out-of-bounds read error and execute arbitrary code with kernel privileges.
64) Integer overflow (CVE-ID: CVE-2022-42805)
The vulnerability allows a local application to escalate privileges on the system.
The vulnerability exists due to integer overflow within the Apple Neural Engine. A local application can trigger an integer overflow and execute arbitrary code with kernel privileges.
65) Buffer overflow (CVE-ID: CVE-2022-32885)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in WebKit when processing HTML content. A remote attacker can create a specially crafted website, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.
66) Buffer overflow (CVE-ID: CVE-2022-42858)
The vulnerability allows a local application to escalate privileges on the system.
The vulnerability exists due to a boundary error within the AMD subsystem. A local application can trigger memory corruption and execute arbitrary code with kernel privileges.
67) Buffer overflow (CVE-ID: CVE-2022-48503)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing HTML content within the JavaScript code engine in WebKit. A remote attacker can trick the victim to visit a specially crafted website, trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.
68) Out-of-bounds read (CVE-ID: CVE-2022-48578)
The vulnerability allows a local application to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition in AppleScript. A local application can trigger an out-of-bounds read error and read contents of memory on the system.
69) Input validation error (CVE-ID: CVE-2022-46708)
The vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to insufficient validation of user-supplied input in Safari. A remote attacker can trick the victim to open a specially crafted website and disclose sensitive information.
70) Buffer overflow (CVE-ID: CVE-2022-32897)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in ImageIO when processing TIFF files. A remote attacker can create a specially crafted TIFF file, trick the victim into opening it, trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.
71) Information disclosure (CVE-ID: CVE-2022-32933)
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to excessive data output in WebKit. A remote attacker can track users who visited the website in Safari private browsing mode.
Remediation
Install the update from the vendor's website.