Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2022-32844

A race condition was addressed with improved state handling. This issue is fixed in tvOS 15.6, watchOS 8.7, iOS 15.6 and iPadOS 15.6. An app with arbitrary kernel read and write capability may be able to bypass Pointer Authentication.

Published

2023-02-27T20:15:11.860

Last Modified

2025-03-11T20:15:13.897

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 6.3 (MEDIUM)

Weaknesses

Type: Primary
CWE-362
Type: Secondary
CWE-362

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	apple	ipados	< 15.6	Yes
Operating System	apple	iphone_os	< 15.6	Yes
Operating System	apple	tvos	< 15.6	Yes
Operating System	apple	watchos	< 8.7	Yes

References

https://support.apple.com/en-us/HT213340 Vendor Advisory ([email protected])
https://support.apple.com/en-us/HT213342 Vendor Advisory ([email protected])
https://support.apple.com/en-us/HT213346 Vendor Advisory ([email protected])
https://support.apple.com/en-us/HT213340 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://support.apple.com/en-us/HT213342 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://support.apple.com/en-us/HT213346 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)