CVE-2022-32916

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2022-32916
An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue is fixed in iOS 16. An app may be able to disclose kernel memory.

5.5 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References
Link Resource
https://support.apple.com/en-us/HT213446 Release Notes Vendor Advisory
https://support.apple.com/en-us/HT213446 Release Notes Vendor Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
History

21 Nov 2024, 07:07

Type Values Removed Values Added
References () https://support.apple.com/en-us/HT213446 - Release Notes, Vendor Advisory () https://support.apple.com/en-us/HT213446 - Release Notes, Vendor Advisory
Summary
  • (es) Existía un problema de lectura fuera de los límites que provocaba la divulgación de la memoria del kernel. Esto se solucionó con una validación de entrada mejorada. Este problema se solucionó en iOS 16. Es posible que una aplicación pueda revelar la memoria del kernel.
Information

Published : 2022-12-15 19:15

Updated : 2025-04-21 19:15

NVD link : CVE-2022-32916

Mitre link : CVE-2022-32916

CVE.ORG link : CVE-2022-32916

JSON object : View

Products Affected

apple

  • iphone_os
CWE
CWE-125

Out-of-bounds Read