PT-2023-13205 · Apple · Watchos+3

Skr0X1C0

Published

2023-02-27

Updated

2025-03-11

CVE-2022-32844

CVSS v3.1

6.3

Medium

Vector

AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N

Name of the Vulnerable Software and Affected Versions Apple iOS versions prior to 15.6 Apple iPadOS versions prior to 15.6 Apple tvOS versions prior to 15.6 Apple watchOS versions prior to 8.7

Description A race condition issue was addressed through improved state handling, which could allow an app with arbitrary kernel read and write capability to bypass Pointer Authentication.

Recommendations For iOS versions prior to 15.6, update to iOS 15.6 to resolve the issue. For iPadOS versions prior to 15.6, update to iPadOS 15.6 to resolve the issue. For tvOS versions prior to 15.6, update to tvOS 15.6 to resolve the issue. For watchOS versions prior to 8.7, update to watchOS 8.7 to resolve the issue.

Fix

Race Condition

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-362

Related Identifiers

CVE-2022-32844

Affected Products

Ios

Ipados

Tvos

Watchos

PT-2023-13205 · Apple · Watchos+3

CVE-2022-32844

Weakness Enumeration

Related Identifiers

Affected Products

References · 7