Kritisk sårbarhet i macOS, iOS og iPadOS

Friday Apr 1, 2022 · 1 min read · Critical · Apple iOS iPadOS macOS CVE-2022-22675 CVE-2022-22674

Patch er tilgjengelig

Oppgrader til iOS/iPadOS 15.4.1 og macOS 12.3.1

En kritisk sårbarhet som tillater en ondsinnet aktør å kjøre kode med kernel-privileger har blitt patchet i macOS, iOS, og iPadOS. Sårbarheten blir aktivt utnyttet.

Det er i tillegg en mindre alvorlig sårbarhet for macOS som kan gjøre det enklere å utnytte andre sårbarheter.

AppleAVD (CVE-2022-22675) - Kritisk

An out-of-bounds write issue was addressed with improved bounds checking. An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited.

Intel Graphics Driver (CVE-2022-22674)

An out-of-bounds read issue may lead to the disclosure of kernel memory and was addressed with improved input validation. Apple is aware of a report that this issue may have been actively exploited. An application may be able to read kernel memory

Kritisk sårbarhet i macOS, iOS og iPadOS

AppleAVD (CVE-2022-22675) - Kritisk

Intel Graphics Driver (CVE-2022-22674)

Kilder