PT-2023-13205 · Apple · Watchos+3

Skr0X1C0

Publicado

2023-02-27

Atualizado

2025-03-11

CVE-2022-32844

CVSS v3.1

6.3

Média

Vetor

AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N

Name of the Vulnerable Software and Affected Versions Apple iOS versions prior to 15.6 Apple iPadOS versions prior to 15.6 Apple tvOS versions prior to 15.6 Apple watchOS versions prior to 8.7

Description A race condition issue was addressed through improved state handling, which could allow an app with arbitrary kernel read and write capability to bypass Pointer Authentication.

Recommendations For iOS versions prior to 15.6, update to iOS 15.6 to resolve the issue. For iPadOS versions prior to 15.6, update to iPadOS 15.6 to resolve the issue. For tvOS versions prior to 15.6, update to tvOS 15.6 to resolve the issue. For watchOS versions prior to 8.7, update to watchOS 8.7 to resolve the issue.

Correção

Race Condition

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-362

Identificadores relacionados

CVE-2022-32844

Produtos afetados

Ios

Ipados

Tvos

Watchos

PT-2023-13205 · Apple · Watchos+3

CVE-2022-32844

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 7