Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2022-32893

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 15.6.1 and iPadOS 15.6.1, macOS Monterey 12.5.1, Safari 15.6.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.

Published

2022-08-24T20:15:09.147

Last Modified

2025-02-28T14:56:47.870

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 8.8 (HIGH)

Weaknesses

Type: Primary
CWE-787
Type: Secondary
CWE-787

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	apple	safari	< 15.6.1	Yes
Operating System	apple	ipados	< 15.6.1	Yes
Operating System	apple	iphone_os	< 15.6.1	Yes
Operating System	apple	macos	< 12.5.1	Yes
Operating System	fedoraproject	fedora	35	Yes
Operating System	fedoraproject	fedora	36	Yes
Operating System	debian	debian_linux	10.0	Yes
Operating System	debian	debian_linux	11.0	Yes
Application	webkitgtk	webkitgtk	< 2.36.7	Yes
Application	wpewebkit	wpe_webkit	< 2.36.7	Yes

References

http://seclists.org/fulldisclosure/2022/Aug/16 Mailing List, Third Party Advisory ([email protected])
http://seclists.org/fulldisclosure/2022/Oct/49 Mailing List, Third Party Advisory ([email protected])
http://www.openwall.com/lists/oss-security/2022/08/25/5 Mailing List, Third Party Advisory ([email protected])
http://www.openwall.com/lists/oss-security/2022/08/26/2 Mailing List, Third Party Advisory ([email protected])
http://www.openwall.com/lists/oss-security/2022/08/29/1 Mailing List, Third Party Advisory ([email protected])
http://www.openwall.com/lists/oss-security/2022/08/29/2 Mailing List, Third Party Advisory ([email protected])
http://www.openwall.com/lists/oss-security/2022/09/02/10 Mailing List, Third Party Advisory ([email protected])
http://www.openwall.com/lists/oss-security/2022/09/13/1 Mailing List, Third Party Advisory ([email protected])
https://lists.debian.org/debian-lts-announce/2022/08/msg00019.html Mailing List, Third Party Advisory ([email protected])
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7SETAAXEPGNBMYKTUDFEZHS5LGSQ64QL/ Broken Link ([email protected])
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YKJGV2EXVMYQW3OAJNI4WUTKKVMD2YYK/ Broken Link ([email protected])
https://security.gentoo.org/glsa/202208-39 Third Party Advisory ([email protected])
https://support.apple.com/en-us/HT213412 Vendor Advisory ([email protected])
https://support.apple.com/en-us/HT213413 Vendor Advisory ([email protected])
https://support.apple.com/en-us/HT213414 Vendor Advisory ([email protected])
https://www.debian.org/security/2022/dsa-5219 Mailing List, Third Party Advisory ([email protected])
https://www.debian.org/security/2022/dsa-5220 Mailing List, Third Party Advisory ([email protected])
http://seclists.org/fulldisclosure/2022/Aug/16 Mailing List, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://seclists.org/fulldisclosure/2022/Oct/49 Mailing List, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.openwall.com/lists/oss-security/2022/08/25/5 Mailing List, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.openwall.com/lists/oss-security/2022/08/26/2 Mailing List, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.openwall.com/lists/oss-security/2022/08/29/1 Mailing List, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.openwall.com/lists/oss-security/2022/08/29/2 Mailing List, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.openwall.com/lists/oss-security/2022/09/02/10 Mailing List, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.openwall.com/lists/oss-security/2022/09/13/1 Mailing List, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://lists.debian.org/debian-lts-announce/2022/08/msg00019.html Mailing List, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7SETAAXEPGNBMYKTUDFEZHS5LGSQ64QL/ Broken Link (af854a3a-2127-422b-91ae-364da2661108)
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YKJGV2EXVMYQW3OAJNI4WUTKKVMD2YYK/ Broken Link (af854a3a-2127-422b-91ae-364da2661108)
https://security.gentoo.org/glsa/202208-39 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://support.apple.com/en-us/HT213412 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://support.apple.com/en-us/HT213413 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://support.apple.com/en-us/HT213414 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://www.debian.org/security/2022/dsa-5219 Mailing List, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://www.debian.org/security/2022/dsa-5220 Mailing List, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)