Headline
Apple Security Advisory 2022-07-20-6
Apple Security Advisory 2022-07-20-6 - watchOS 8.7 addresses buffer overflow, bypass, code execution, out of bounds read, out of bounds write, and spoofing vulnerabilities.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
APPLE-SA-2022-07-20-6 watchOS 8.7
watchOS 8.7 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT213340.
APFS
Available for: Apple Watch Series 3 and later
Impact: An app with root privileges may be able to execute arbitrary
code with kernel privileges
Description: The issue was addressed with improved memory handling.
CVE-2022-32832: Tommy Muir (@Muirey03)
AppleAVD
Available for: Apple Watch Series 3 and later
Impact: A remote user may be able to cause kernel code execution
Description: A buffer overflow issue was addressed with improved
bounds checking.
CVE-2022-32788: Natalie Silvanovich of Google Project Zero
AppleAVD
Available for: Apple Watch Series 3 and later
Impact: An app may be able to disclose kernel memory
Description: The issue was addressed with improved memory handling.
CVE-2022-32824: Antonio Zekic (@antoniozekic) and John Aakerblom
(@jaakerblom)
AppleMobileFileIntegrity
Available for: Apple Watch Series 3 and later
Impact: An app may be able to gain root privileges
Description: An authorization issue was addressed with improved state
management.
CVE-2022-32826: Mickey Jin (@patch1t) of Trend Micro
Apple Neural Engine
Available for devices with Apple Neural Engine: Apple Watch Series 4
and later
Impact: An app may be able to break out of its sandbox
Description: This issue was addressed with improved checks.
CVE-2022-32845: Mohamed Ghannam (@_simo36)
Apple Neural Engine
Available for devices with Apple Neural Engine: Apple Watch Series 4
and later
Impact: An app may be able to execute arbitrary code with kernel
privileges
Description: This issue was addressed with improved checks.
CVE-2022-32840: Mohamed Ghannam (@_simo36)
Apple Neural Engine
Available for devices with Apple Neural Engine: Apple Watch Series 4
and later
Impact: An app may be able to execute arbitrary code with kernel
privileges
Description: The issue was addressed with improved memory handling.
CVE-2022-32810: Mohamed Ghannam (@_simo36)
Audio
Available for: Apple Watch Series 3 and later
Impact: An app may be able to execute arbitrary code with kernel
privileges
Description: An out-of-bounds write issue was addressed with improved
input validation.
CVE-2022-32820: an anonymous researcher
Audio
Available for: Apple Watch Series 3 and later
Impact: An app may be able to disclose kernel memory
Description: The issue was addressed with improved memory handling.
CVE-2022-32825: John Aakerblom (@jaakerblom)
CoreText
Available for: Apple Watch Series 3 and later
Impact: A remote user may cause an unexpected app termination or
arbitrary code execution
Description: The issue was addressed with improved bounds checks.
CVE-2022-32839: STAR Labs (@starlabs_sg)
File System Events
Available for: Apple Watch Series 3 and later
Impact: An app may be able to gain root privileges
Description: A logic issue was addressed with improved state
management.
CVE-2022-32819: Joshua Mason of Mandiant
GPU Drivers
Available for: Apple Watch Series 3 and later
Impact: An app may be able to disclose kernel memory
Description: Multiple out-of-bounds write issues were addressed with
improved bounds checking.
CVE-2022-32793: an anonymous researcher
GPU Drivers
Available for: Apple Watch Series 3 and later
Impact: An app may be able to execute arbitrary code with kernel
privileges
Description: A memory corruption issue was addressed with improved
validation.
CVE-2022-32821: John Aakerblom (@jaakerblom)
ICU
Available for: Apple Watch Series 3 and later
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: An out-of-bounds write issue was addressed with improved
bounds checking.
CVE-2022-32787: Dohyun Lee (@l33d0hyun) of SSD Secure Disclosure Labs
& DNSLab, Korea Univ.
ImageIO
Available for: Apple Watch Series 3 and later
Impact: Processing a maliciously crafted image may result in
disclosure of process memory
Description: The issue was addressed with improved memory handling.
CVE-2022-32841: hjy79425575
Kernel
Available for: Apple Watch Series 3 and later
Impact: An app with root privileges may be able to execute arbitrary
code with kernel privileges
Description: The issue was addressed with improved memory handling.
CVE-2022-32813: Xinru Chi of Pangu Lab
CVE-2022-32815: Xinru Chi of Pangu Lab
Kernel
Available for: Apple Watch Series 3 and later
Impact: An app may be able to disclose kernel memory
Description: An out-of-bounds read issue was addressed with improved
bounds checking.
CVE-2022-32817: Xinru Chi of Pangu Lab
Kernel
Available for: Apple Watch Series 3 and later
Impact: An app with arbitrary kernel read and write capability may be
able to bypass Pointer Authentication
Description: A logic issue was addressed with improved state
management.
CVE-2022-32844: Sreejith Krishnan R (@skr0x1c0)
Liblouis
Available for: Apple Watch Series 3 and later
Impact: An app may cause unexpected app termination or arbitrary code
execution
Description: This issue was addressed with improved checks.
CVE-2022-26981: Hexhive (hexhive.epfl.ch), NCNIPC of China
(nipc.org.cn)
libxml2
Available for: Apple Watch Series 3 and later
Impact: An app may be able to leak sensitive user information
Description: A memory initialization issue was addressed with
improved memory handling.
CVE-2022-32823
Multi-Touch
Available for: Apple Watch Series 3 and later
Impact: An app may be able to execute arbitrary code with kernel
privileges
Description: A type confusion issue was addressed with improved
checks.
CVE-2022-32814: Pan ZhenPeng (@Peterpan0927)
Multi-Touch
Available for: Apple Watch Series 3 and later
Impact: An app may be able to execute arbitrary code with kernel
privileges
Description: A type confusion issue was addressed with improved state
handling.
CVE-2022-32814: Pan ZhenPeng (@Peterpan0927)
Software Update
Available for: Apple Watch Series 3 and later
Impact: A user in a privileged network position can track a user’s
activity
Description: This issue was addressed by using HTTPS when sending
information over the network.
CVE-2022-32857: Jeffrey Paul (sneak.berlin)
WebKit
Available for: Apple Watch Series 3 and later
Impact: Visiting a website that frames malicious content may lead to
UI spoofing
Description: The issue was addressed with improved UI handling.
WebKit Bugzilla: 239316
CVE-2022-32816: Dohyun Lee (@l33d0hyun) of SSD Secure Disclosure Labs
& DNSLab, Korea Univ.
WebKit
Available for: Apple Watch Series 3 and later
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: An out-of-bounds write issue was addressed with improved
input validation.
WebKit Bugzilla: 240720
CVE-2022-32792: Manfred Paul (@_manfp) working with Trend Micro Zero
Day Initiative
Wi-Fi
Available for: Apple Watch Series 3 and later
Impact: A remote user may be able to cause unexpected system
termination or corrupt kernel memory
Description: This issue was addressed with improved checks.
CVE-2022-32847: Wang Yu of Cyberserval
Additional recognition
AppleMobileFileIntegrity
We would like to acknowledge Csaba Fitzl (@theevilbit) of Offensive
Security, Mickey Jin (@patch1t) of Trend Micro, and Wojciech Reguła
(@_r3ggi) of SecuRing for their assistance.
configd
We would like to acknowledge Csaba Fitzl (@theevilbit) of Offensive
Security, Mickey Jin (@patch1t) of Trend Micro, and Wojciech Reguła
(@_r3ggi) of SecuRing for their assistance.
Instructions on how to update your Apple Watch software are available
at https://support.apple.com/kb/HT204641 To check the version on
your Apple Watch, open the Apple Watch app on your iPhone and select
"My Watch > General > About". Alternatively, on your watch, select
"My Watch > General > About".
All information is also posted on the Apple Security Updates
web site: https://support.apple.com/en-us/HT201222.
This message is signed with Apple’s Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEePiLW1MrMjw19XzoeC9qKD1prhgFAmLYeuUACgkQeC9qKD1p
rhjSsg//XnukSPtKHk58IOSkcWaTk0WdrYv2+dGbdgkcPBgO2ehNQqk1xI3LDHLN
b6A5MMaoR4ityTEC+i4XFWxVJNfzXFa1SHMiht1uJDtaNCc2F+VIP+EZJx2KYe7H
O8F0g9lF33hQE3xDjrwtPe+7wYjfzgDX8iCbsfaNDPAWBq0BfNA8/4bv5GzPaPC4
qcP+W9IRb11yAzlnCEgJNhMB0SLwtzpcUYLKcJbPdilABeYe08CLIIVAw2vKI1Kk
J7sk/ZiGKnB1ZHa+fl17ahApKkLePnFtHR9rMseEpyRbPa7EvomZxUQoLvbaDf+Q
gRqtysAw8oxfhetorvDFwAem3eCRdgJ/T/0U6jC+4dfHzVnGxV27K/PgF3GWRDU5
trPVZ0cu8qdzgNAwSuRHTxTg923FN7cR14NL66TkGZ1d/VKfn1l0h1wctoPOhHPR
zWJi5P8WbprG1XVWNx+aJYW09VIMsujJrrGQSn78o6gXOR2salEDiCs2JixKZnqK
CV4+uGQIiE8bD0oA1B1uFQiPx3XtgOY92QQl8Jnn/7Xa6QQ0hq/3NmDN66RzO78S
I4pH4Vt/L0LNoArGMCrO4URpLiQx5Au0niH5+jbvHyWr1Bm3Y+dMRP1yds3aLQ0Q
16FIrWStzY+cnmOXQKczTIiaJYuSMjCOQicLuWx/q2ghfLCJ16E=
=6Uj+
-----END PGP SIGNATURE-----
Related news
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a high-severity flaw impacting iOS, iPadOS, macOS, tvOS, and watchOS to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The vulnerability, tracked as CVE-2022-48618 (CVSS score: 7.8), concerns a bug in the kernel component. "An attacker with
A logic issue was addressed with improved state management. This issue is fixed in iOS 15.6 and iPadOS 15.6. A user may be able to view restricted content from the lock screen.
The issue was addressed with improved memory handling. This issue is fixed in tvOS 15.6, watchOS 8.7, iOS 15.6 and iPadOS 15.6. An app may be able to disclose kernel memory.
The issue was addressed with improved UI handling. This issue is fixed in Safari 15.6, iOS 15.6 and iPadOS 15.6. Visiting a maliciously crafted website may leak sensitive data.
Gentoo Linux Security Advisory 202301-6 - Multiple vulnerabilities have been discovered in liblouis, the worst of which could result in denial of service. Versions less than 3.22.0 are affected.
SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with Orion admin-level account access to SolarWinds Web Console to execute arbitrary commands.
SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with Orion admin-level account access to SolarWinds Web Console to execute arbitrary commands.
This month's Patch Tuesday offers a little something for everyone, including security updates for a zero-day flaw in Microsoft Windows that is under active attack, and another Windows weakness experts say could be used to power a fast-spreading computer worm. Also, Apple has also quashed a pair of zero-day bugs affecting certain macOS and iOS users, and released iOS 16, which includes a nifty new privacy and security feature called "Lockdown Mode." And Adobe axed 63 vulnerabilities in a range of products.
Gentoo Linux Security Advisory 202208-39 - Multiple vulnerabilities have been found in WebkitGTK+, the worst of which could result in the arbitrary execution of code. Versions less than 2.36.7 are affected.
A memory corruption vulnerability was addressed with improved locking. This issue is fixed in macOS Monterey 12.5, macOS Big Sur 11.6.8, Security Update 2022-005 Catalina. An app may be able to execute arbitrary code with kernel privileges.
Multiple out-of-bounds write issues were addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.5, watchOS 8.7, tvOS 15.6, iOS 15.6 and iPadOS 15.6. An app may be able to disclose kernel memory.
Ubuntu Security Notice 5568-1 - Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.
Plus: A Google Chrome patch licks the DevilsTongue spyware, Android’s kernel gets a tune-up, and Microsoft fixes 84 flaws.
Apple Security Advisory Safari - Safari 15.6 addresses code execution and out of bounds write vulnerabilities.
Apple Security Advisory 2022-07-20-5 - tvOS 15.6 addresses buffer overflow, bypass, code execution, information leakage, out of bounds read, out of bounds write, and spoofing vulnerabilities.
Apple Security Advisory 2022-07-20-4 - Security Update 2022-005 Catalina addresses code execution, information leakage, null pointer, out of bounds read, and out of bounds write vulnerabilities.
Apple Security Advisory 2022-07-20-3 - macOS Big Sur 11.6.8 addresses code execution, information leakage, null pointer, out of bounds read, and out of bounds write vulnerabilities.
Apple Security Advisory 2022-07-20-2 - macOS Monterey 12.5 addresses bypass, code execution, information leakage, null pointer, out of bounds read, out of bounds write, and spoofing vulnerabilities.
Apple Security Advisory 2022-07-20-1 - iOS 15.6 and iPadOS 15.6 addresses buffer overflow, bypass, code execution, information leakage, null pointer, out of bounds read, out of bounds write, and spoofing vulnerabilities.
Apple on Wednesday rolled out software fixes for iOS, iPadOS, macOS, tvOS, and watchOS to address a number of security flaws affecting its platforms. This includes at least 37 flaws spanning different components in iOS and macOS that range from privilege escalation to arbitrary code execution and from information disclosure to denial-of-service (DoS). Chief among them is
Apple on Wednesday rolled out software fixes for iOS, iPadOS, macOS, tvOS, and watchOS to address a number of security flaws affecting its platforms. This includes at least 37 flaws spanning different components in iOS and macOS that range from privilege escalation to arbitrary code execution and from information disclosure to denial-of-service (DoS). Chief among them is
Apple on Wednesday rolled out software fixes for iOS, iPadOS, macOS, tvOS, and watchOS to address a number of security flaws affecting its platforms. This includes at least 37 flaws spanning different components in iOS and macOS that range from privilege escalation to arbitrary code execution and from information disclosure to denial-of-service (DoS). Chief among them is
Apple on Wednesday rolled out software fixes for iOS, iPadOS, macOS, tvOS, and watchOS to address a number of security flaws affecting its platforms. This includes at least 37 flaws spanning different components in iOS and macOS that range from privilege escalation to arbitrary code execution and from information disclosure to denial-of-service (DoS). Chief among them is
Apple on Wednesday rolled out software fixes for iOS, iPadOS, macOS, tvOS, and watchOS to address a number of security flaws affecting its platforms. This includes at least 37 flaws spanning different components in iOS and macOS that range from privilege escalation to arbitrary code execution and from information disclosure to denial-of-service (DoS). Chief among them is
Apple on Wednesday rolled out software fixes for iOS, iPadOS, macOS, tvOS, and watchOS to address a number of security flaws affecting its platforms. This includes at least 37 flaws spanning different components in iOS and macOS that range from privilege escalation to arbitrary code execution and from information disclosure to denial-of-service (DoS). Chief among them is
Apple on Wednesday rolled out software fixes for iOS, iPadOS, macOS, tvOS, and watchOS to address a number of security flaws affecting its platforms. This includes at least 37 flaws spanning different components in iOS and macOS that range from privilege escalation to arbitrary code execution and from information disclosure to denial-of-service (DoS). Chief among them is
Apple on Wednesday rolled out software fixes for iOS, iPadOS, macOS, tvOS, and watchOS to address a number of security flaws affecting its platforms. This includes at least 37 flaws spanning different components in iOS and macOS that range from privilege escalation to arbitrary code execution and from information disclosure to denial-of-service (DoS). Chief among them is
Apple on Wednesday rolled out software fixes for iOS, iPadOS, macOS, tvOS, and watchOS to address a number of security flaws affecting its platforms. This includes at least 37 flaws spanning different components in iOS and macOS that range from privilege escalation to arbitrary code execution and from information disclosure to denial-of-service (DoS). Chief among them is
Apple on Wednesday rolled out software fixes for iOS, iPadOS, macOS, tvOS, and watchOS to address a number of security flaws affecting its platforms. This includes at least 37 flaws spanning different components in iOS and macOS that range from privilege escalation to arbitrary code execution and from information disclosure to denial-of-service (DoS). Chief among them is
Ubuntu Security Notice 5476-1 - Han Zheng discovered that Liblouis incorrectly handled certain inputs. An attacker could possibly use this issue to cause a crash. This issue was addressed in Ubuntu 21.10 and Ubuntu 22.04 LTS. It was discovered that Liblouis incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code or cause a crash.
Liblouis through 3.21.0 has a buffer overflow in compilePassOpcode in compileTranslationTable.c (called, indirectly, by tools/lou_checktable.c).