{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2022-32844", "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "dateUpdated": "2024-08-03T07:54:03.026Z", "dateReserved": "2022-06-09T00:00:00", "datePublished": "2023-02-27T00:00:00"}, "containers": {"cna": {"providerMetadata": {"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple", "dateUpdated": "2023-02-27T00:00:00"}, "descriptions": [{"lang": "en", "value": "A race condition was addressed with improved state handling. This issue is fixed in tvOS 15.6, watchOS 8.7, iOS 15.6 and iPadOS 15.6. An app with arbitrary kernel read and write capability may be able to bypass Pointer Authentication."}], "affected": [{"vendor": "Apple", "product": "tvOS", "versions": [{"version": "unspecified", "lessThan": "15.6", "status": "affected", "versionType": "custom"}]}, {"vendor": "Apple", "product": "watchOS", "versions": [{"version": "unspecified", "lessThan": "8.7", "status": "affected", "versionType": "custom"}]}, {"vendor": "Apple", "product": "watchOS", "versions": [{"version": "unspecified", "lessThan": "15.6", "status": "affected", "versionType": "custom"}]}, {"vendor": "Apple", "product": "watchOS", "versions": [{"version": "unspecified", "lessThan": "15.6", "status": "affected", "versionType": "custom"}]}], "references": [{"url": "https://support.apple.com/en-us/HT213340"}, {"url": "https://support.apple.com/en-us/HT213342"}, {"url": "https://support.apple.com/en-us/HT213346"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "An app with arbitrary kernel read and write capability may be able to bypass Pointer Authentication"}]}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T07:54:03.026Z"}, "title": "CVE Program Container", "references": [{"url": "https://support.apple.com/en-us/HT213340", "tags": ["x_transferred"]}, {"url": "https://support.apple.com/en-us/HT213342", "tags": ["x_transferred"]}, {"url": "https://support.apple.com/en-us/HT213346", "tags": ["x_transferred"]}]}]}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*", "matchCriteriaId": "F5E4F87A-8003-43EB-99F7-35C82AEA4DC0", "versionEndExcluding": "15.6", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*", "matchCriteriaId": "B6FA9FE3-1891-405C-B191-04CAB84ADD46", "versionEndExcluding": "15.6", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*", "matchCriteriaId": "83FC1965-2381-49FF-9521-355D29B28B71", "versionEndExcluding": "15.6", "vulnerable": true}, {"criteria": "cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*", "matchCriteriaId": "8EB2AF3C-B2A0-41AD-9C3E-14B220620FF0", "versionEndExcluding": "8.7", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "A race condition was addressed with improved state handling. This issue is fixed in tvOS 15.6, watchOS 8.7, iOS 15.6 and iPadOS 15.6. An app with arbitrary kernel read and write capability may be able to bypass Pointer Authentication."}, {"lang": "es", "value": "Se solucion\u00f3 una condici\u00f3n de ejecuci\u00f3n con un mejor manejo del estado. Este problema se solucion\u00f3 en tvOS 15.6, watchOS 8.7, iOS 15.6 y iPadOS 15.6. Una aplicaci\u00f3n con capacidad arbitraria de lectura y escritura del kernel puede omitir la autenticaci\u00f3n de puntero."}], "id": "CVE-2022-32844", "lastModified": "2024-11-21T07:07:04.700", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 6.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 1.0, "impactScore": 5.2, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-02-27T20:15:11.860", "references": [{"source": "product-security@apple.com", "tags": ["Vendor Advisory"], "url": "https://support.apple.com/en-us/HT213340"}, {"source": "product-security@apple.com", "tags": ["Vendor Advisory"], "url": "https://support.apple.com/en-us/HT213342"}, {"source": "product-security@apple.com", "tags": ["Vendor Advisory"], "url": "https://support.apple.com/en-us/HT213346"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://support.apple.com/en-us/HT213340"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://support.apple.com/en-us/HT213342"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://support.apple.com/en-us/HT213346"}], "sourceIdentifier": "product-security@apple.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-362"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}