Inappropriate implementation in Full screen mode in Google Chrome on Android prior to 107.0.5304.62 allowed a remote attacker to hide the contents of the Omnibox (URL bar) via a crafted HTML page. (Chrome security severity: Medium)

CVE-2022-3660

Use after free in Layout in Google Chrome prior to 107.0.5304.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chrome security severity: High)

CVE-2022-3654

Type confusion in V8 in Google Chrome prior to 107.0.5304.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chrome security severity: High)

CVE-2022-3652: Stable Channel Update for Desktop

Organizations should update to the latest encryption (version 3.0.7) as soon as possible, but there's no need for Heartbleed-like panic, security experts say.

Security experts described two highly anticipated vulnerabilities that the OpenSSL Project team patched Tuesday as issues that need to be addressed quickly, but not necessarily meriting a drop-everything-else type of emergency response.

The release of version 3.0.7 of the almost ubiquitously used cryptographic library addresses two buffer overflow vulnerabilities, which exist in OpenSSL versions 3.0.0 to 3.0.6.

Leading up to the disclosure, security experts had warned that one of the issues, originally characterized as a "critical" remote code-execution issue, could present a Heartbleed-level, all-hands-on-deck problem. Thankfully, that doesn't seem to be the case — and in disclosing the flaw, the OpenSSL project team said it had decided to downgrade the threat to "high" based on feedback from organizations that had tested and analyzed the bug.

**A Pair of Buffer Overflows**

The first bug (CVE-2022-3602) could indeed — under a specific set of circumstances — enable RCE, which originally led some security experts to worry that the flaw could have industry-wide repercussions. But it turns out that there are mitigating circumstances: For one, it's difficult to exploit, as explained below. Also, not all systems are impacted.

Specifically, only browsers that support OpenSSL 3.0.0 through 3.0.6, such as Firefox and Internet Explorer, are impacted at this time, according to Mark Ellzey, senior security researcher at Censys; notably unaffected is Google Chrome, which is the leading Internet browser.

"The impact is expected to be minimal due to the complexity of the attack and the limitations in how it can be carried out," he says. "Organizations should brush up on their phishing training and keep an eye on threat intelligence sources to ensure they are prepared if they are targeted by an attack such as this."

To boot, Alex Ilgayev, lead security researcher at Cycode, noted that the flaw can't be exploited on certain Linux distributions; and, many modern OS platforms implement stack overflow protections to mitigate against threats like these in any event, Ilgayev says.

The second vulnerability (CVE-2022-3786), which was uncovered while a fix for the original flaw was being developed, could be used to trigger denial of service (DoS) conditions. The OpenSSL team assessed the vulnerability as being of high severity but ruled out the possibility of it being used for RCE exploitation.

Both vulnerabilities are tied to a functionality called Punycode for encoding internationalized domain names.

"Users of OpenSSL 3.0.0 - 3.0.6 are encouraged to upgrade to 3.0.7 as soon as possible," the OpenSSL team said in a blog accompanying the bug disclosure and release of the new version of the cryptographic library. "If you obtain your copy of OpenSSL from your Operating System vendor or other third party then you should seek to obtain an updated version from them as soon as possible."

**Not Another Heartbleed**

The bug disclosure is sure to tamp down — for the moment, at least — the widespread concern sparked by the OpenSSL team's notification last week of its then-impending bug disclosure. The description of the first flaw as being "critical," in particular, had prompted several comparisons to 2014's "Heartbleed" bug — the only other bug in OpenSSL to earn a critical rating. That bug (CVE-2014-0160) impacted a wide swathe of the Internet and even now has not be fully addressed at many organizations.

"Heartbleed was exposed by default on any software that used a vulnerable version of OpenSSL, and it was very easily exploitable by attackers to see cryptographic keys and passwords stored in server memory," says Jonathan Knudsen, head of global research at Synopsys Cybersecurity Research Center. "The two vulnerabilities just reported in OpenSSL are serious but not of the same magnitude."

**OpenSSL Bugs Are Hard to Exploit...**

To exploit either of the new flaws, vulnerable servers would need to request client certificate authentication, which is not the norm, Knudsen says. And vulnerable clients would need to connect to a malicious server, which is a commonplace and defensible attack vector, he says.

"Nobody's hair should be on fire about these two vulnerabilities, but they are serious and should be handled with appropriate speed and diligence," he notes.

In a blog post, the SANS Internet Storm Center meanwhile described the OpenSSL update as fixing a buffer overrun during the certificate verification process. For an exploit to work, the certificate would need to contain a malicious Punycode-encoded name, and the vulnerability would be triggered only after the certificate chain is verified.

"An attacker first needs to be able to have a malicious certificate signed by a certificate authority the client trusts," SANS ISC noted. "This does not appear to be exploitable against servers. For servers, this may be exploitable if the server requests a certificate from the client."

Bottom line: The likelihood of exploitation is low since the vulnerability is complex to exploit, as is the flow and requirements to trigger it, Cycode's Ilgayev says. Plus, it affects a relatively small number of systems, compared to those using pre-3.0 versions of OpenSSL.

**...But Do Be Diligent**

At the same time, it is important to keep in mind that hard-to-exploit vulnerabilities have been exploited in the past, Ilgayev says, pointing to a zero-click exploit that the NSO Group developed for a vulnerability in iOS last year.

"\[Also\], like the OpenSSL team says, there is 'no way of knowing how every platform and compiler combination has arranged the buffers on the stack,' and therefore remote code execution may still be possible on some platforms," he cautions.

And indeed, Ellzey outlines one scenario for how attackers could exploit CVE-2022-3602, the flaw that OpenSSL team had originally assessed as critical.

"An attacker would host a malicious server and attempt to get victims to authenticate to it with an application vulnerable to OpenSSL v3.x, potentially through traditional phishing tactics," he says, although the scope is limited due to the exploit being predominantly client-side.

Vulnerabilities such as this highlight the importance of having a software bill of materials (SBOM) for every binary used, Ilgayev notes. "Looking at package managers is not enough as this library could be linked and compiled in various configurations that will affect the exploitability," he says.

The Sky Is Not Falling: Disclosed OpenSSL Bugs Are Serious but Not Critical

This issue was addressed with improved entitlements. This issue is fixed in iOS 16.1 and iPadOS 16. An app may be able to record audio using a pair of connected AirPods.

Released October 24, 2022

**Apple Neural Engine**

Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later

Impact: An app may be able to execute arbitrary code with kernel privileges 

Description: The issue was addressed with improved memory handling. 

CVE-2022-32932: Mohamed Ghannam (@\_simo36)

Entry added October 27, 2022

**AppleMobileFileIntegrity**

Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later

Impact: An app may be able to modify protected parts of the file system

Description: This issue was addressed by removing additional entitlements.

CVE-2022-42825: Mickey Jin (@patch1t)

**Audio**

Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later

Impact: Parsing a maliciously crafted audio file may lead to disclosure of user information

Description: The issue was addressed with improved memory handling.

CVE-2022-42798: Anonymous working with Trend Micro Zero Day Initiative

Entry added October 27, 2022

**AVEVideoEncoder**

Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later

Impact: An app may be able to execute arbitrary code with kernel privileges

Description: The issue was addressed with improved bounds checks.

CVE-2022-32940: ABC Research s.r.o.

**Backup**

Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later

Impact: An app may be able to access iOS backups

Description: A permissions issue was addressed with additional restrictions. 

CVE-2022-32929: Csaba Fitzl (@theevilbit) of Offensive Security

Entry added October 27, 2022

**CFNetwork**

Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later

Impact: Processing a maliciously crafted certificate may lead to arbitrary code execution

Description: A certificate validation issue existed in the handling of WKWebView. This issue was addressed with improved validation.

CVE-2022-42813: Jonathan Zhang of Open Computing Facility (ocf.berkeley.edu)

**Core Bluetooth**

Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later

Impact: An app may be able to record audio using a pair of connected AirPods

Description: This issue was addressed with improved entitlements.

CVE-2022-32946: Guilherme Rambo of Best Buddy Apps (rambo.codes)

**FaceTime**

Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later

Impact: A user may be able to view restricted content from the lock screen 

Description: A lock screen issue was addressed with improved state management. 

CVE-2022-32935: Bistrit Dahal

Entry added October 27, 2022

**GPU Drivers**

Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later

Impact: An app may be able to execute arbitrary code with kernel privileges

Description: The issue was addressed with improved memory handling.

CVE-2022-32947: Asahi Lina (@LinaAsahi)

**Graphics Driver**

Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later

Impact: An app may be able to execute arbitrary code with kernel privileges 

Description: The issue was addressed with improved bounds checks. 

CVE-2022-32939: Willy R. Vasquez of The University of Texas at Austin

Entry added October 27, 2022

**IOHIDFamily**

Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later

Impact: An app may cause unexpected app termination or arbitrary code execution

Description: A memory corruption issue was addressed with improved state management.

CVE-2022-42820: Peter Pan ZhenPeng of STAR Labs

**IOKit**

Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later

Impact: An app may be able to execute arbitrary code with kernel privileges

Description: A race condition was addressed with improved locking.

CVE-2022-42806: Tingting Yin of Tsinghua University

**Kernel**

Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later

Impact: An app may be able to execute arbitrary code with kernel privileges

Description: A memory corruption issue was addressed with improved state management. 

CVE-2022-32944: Tim Michaud (@TimGMichaud) of Moveworks.ai

Entry added October 27, 2022

**Kernel**

Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later

Impact: An app may be able to execute arbitrary code with kernel privileges 

Description: A race condition was addressed with improved locking. 

CVE-2022-42803: Xinru Chi of Pangu Lab, John Aakerblom (@jaakerblom)

Entry added October 27, 2022

**Kernel**

Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later

Impact: An app with root privileges may be able to execute arbitrary code with kernel privileges 

Description: The issue was addressed with improved bounds checks.

CVE-2022-32926: Tim Michaud (@TimGMichaud) of Moveworks.ai

Entry added October 27, 2022

**Kernel**

Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later

Impact: An app may be able to execute arbitrary code with kernel privileges 

Description: A logic issue was addressed with improved checks. 

CVE-2022-42801: Ian Beer of Google Project Zero

Entry added October 27, 2022

**Kernel**

Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later

Impact: An app may be able to execute arbitrary code with kernel privileges

Description: The issue was addressed with improved memory handling.

CVE-2022-32924: Ian Beer of Google Project Zero

**Kernel**

Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later

Impact: A remote user may be able to cause kernel code execution

Description: An out-of-bounds write issue was addressed with improved bounds checking.

CVE-2022-42808: Zweig of Kunlun Lab

**Kernel**

Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later

Impact: An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited.

Description: An out-of-bounds write issue was addressed with improved bounds checking.

CVE-2022-42827: an anonymous researcher

**Model I/O**

Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later

Impact: Processing a maliciously crafted USD file may disclose memory contents 

Description: The issue was addressed with improved memory handling. 

CVE-2022-42810: Xingwei Lin (@xwlin\_roy) and Yinyi Wu of Ant Security Light-Year Lab

Entry added October 27, 2022

**ppp**

Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later

Impact: A buffer overflow may result in arbitrary code execution 

Description: The issue was addressed with improved bounds checks. 

CVE-2022-32941: an anonymous researcher

Entry added October 27, 2022

**ppp**

Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later

Impact: An app with root privileges may be able to execute arbitrary code with kernel privileges

Description: A use after free issue was addressed with improved memory management.

CVE-2022-42829: an anonymous researcher

**ppp**

Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later

Impact: An app with root privileges may be able to execute arbitrary code with kernel privileges

Description: The issue was addressed with improved memory handling.

CVE-2022-42830: an anonymous researcher

**ppp**

Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later

Impact: An app with root privileges may be able to execute arbitrary code with kernel privileges

Description: A race condition was addressed with improved locking.

CVE-2022-42831: an anonymous researcher

CVE-2022-42832: an anonymous researcher

**Safari**

Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later

Impact: Visiting a maliciously crafted website may leak sensitive data

Description: A logic issue was addressed with improved state management.

CVE-2022-42817: Mir Masood Ali, PhD student, University of Illinois at Chicago; Binoy Chitale, MS student, Stony Brook University; Mohammad Ghasemisharif, PhD Candidate, University of Illinois at Chicago; Chris Kanich, Associate Professor, University of Illinois at Chicago

Entry added October 27, 2022

**Sandbox**

Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later

Impact: An app may be able to access user-sensitive data

Description: An access issue was addressed with additional sandbox restrictions.

CVE-2022-42811: Justin Bui (@slyd0g) of Snowflake

**Shortcuts**

Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later

Impact: A shortcut may be able to check the existence of an arbitrary path on the file system

Description: A parsing issue in the handling of directory paths was addressed with improved path validation.

CVE-2022-32938: Cristian Dinca of Tudor Vianu National High School of Computer Science of. Romania

**WebKit**

Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later

Impact: Visiting a malicious website may lead to user interface spoofing

Description: The issue was addressed with improved UI handling.

WebKit Bugzilla: 243693  
CVE-2022-42799: Jihwan Kim (@gPayl0ad), Dohyun Lee (@l33d0hyun)

**WebKit**

Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later

Impact: Processing maliciously crafted web content may lead to arbitrary code execution

Description: A type confusion issue was addressed with improved memory handling.

WebKit Bugzilla: 244622  
CVE-2022-42823: Dohyun Lee (@l33d0hyun) of SSD Labs

**WebKit**

Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later

Impact: Processing maliciously crafted web content may disclose sensitive user information

Description: A logic issue was addressed with improved state management.

WebKit Bugzilla: 245058  
CVE-2022-42824: Abdulrahman Alqabandi of Microsoft Browser Vulnerability Research, Ryan Shin of IAAI SecLab at Korea University, Dohyun Lee (@l33d0hyun) of DNSLab at Korea University

**WebKit PDF**

Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later

Impact: Processing maliciously crafted web content may lead to arbitrary code execution

Description: A use after free issue was addressed with improved memory management.

WebKit Bugzilla: 242781  
CVE-2022-32922: Yonghwi Jin (@jinmo123) at Theori working with Trend Micro Zero Day Initiative

**WebKit**

Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later

Impact: Processing maliciously crafted web content may disclose internal states of the app

Description: A correctness issue in the JIT was addressed with improved checks.

WebKit Bugzilla: 242964  
CVE-2022-32923: Wonyoung Jung (@nonetype\_pwn) of KAIST Hacking Lab

Entry added October 27, 2022

**Wi-Fi**

Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later

Impact: Joining a malicious Wi-Fi network may result in a denial-of-service of the Settings app 

Description: The issue was addressed with improved memory handling.

CVE-2022-32927: Dr Hideaki Goto of Tohoku University, Japan

Entry added October 27, 2022

**zlib**

Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, iPad mini 5th generation and later

Impact: A user may be able to cause unexpected app termination or arbitrary code execution 

Description: This issue was addressed with improved checks.

CVE-2022-37434: Evgeny Legerov

CVE-2022-42800: Evgeny Legerov

Entry added October 27, 2022

CVE-2022-32946: About the security content of iOS 16.1 and iPadOS 16

A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 15.7.1 and iPadOS 15.7.1, iOS 15.7 and iPadOS 15.7, iOS 16.1 and iPadOS 16. An app may be able to access iOS backups.

Released October 27, 2022

**Apple Neural Engine**

Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)

Impact: An app may be able to execute arbitrary code with kernel privileges

Description: The issue was addressed with improved memory handling.

CVE-2022-32932: Mohamed Ghannam (@\_simo36)

**Audio**

Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)

Impact: Parsing a maliciously crafted audio file may lead to disclosure of user information

Description: The issue was addressed with improved memory handling.

CVE-2022-42798: Anonymous working with Trend Micro Zero Day Initiative

**Backup**

Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)

Impact: An app may be able to access iOS backups

Description: A permissions issue was addressed with additional restrictions.

CVE-2022-32929: Csaba Fitzl (@theevilbit) of Offensive Security

**FaceTime**

Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)

Impact: A user may be able to view restricted content from the lock screen

Description: A lock screen issue was addressed with improved state management.

CVE-2022-32935: Bistrit Dahal

**Graphics Driver**

Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)

Impact: An app may be able to execute arbitrary code with kernel privileges

Description: The issue was addressed with improved bounds checks.

CVE-2022-32939: Willy R. Vasquez of The University of Texas at Austin

**Image Processing**

Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)

Impact: An app may be able to execute arbitrary code with kernel privileges

Description: This issue was addressed with improved checks.

CVE-2022-32949: Tingting Yin of Tsinghua University

**Kernel**

Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)

Impact: An app may be able to execute arbitrary code with kernel privileges

Description: A memory corruption issue was addressed with improved state management.

CVE-2022-32944: Tim Michaud (@TimGMichaud) of Moveworks.ai

**Kernel**

Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)

Impact: An app may be able to execute arbitrary code with kernel privileges

Description: A race condition was addressed with improved locking.

CVE-2022-42803: Xinru Chi of Pangu Lab, John Aakerblom (@jaakerblom)

**Kernel**

Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)

Impact: An app with root privileges may be able to execute arbitrary code with kernel privileges

Description: The issue was addressed with improved bounds checks.

CVE-2022-32926: Tim Michaud (@TimGMichaud) of Moveworks.ai

**Kernel**

Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)

Impact: An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited.

Description: An out-of-bounds write issue was addressed with improved bounds checking.

CVE-2022-42827: an anonymous researcher

**Kernel**

Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)

Impact: An app may be able to execute arbitrary code with kernel privileges

Description: A logic issue was addressed with improved checks.

CVE-2022-42801: Ian Beer of Google Project Zero

**Model I/O**

Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)

Impact: Processing a maliciously crafted USD file may disclose memory contents

Description: The issue was addressed with improved memory handling.

CVE-2022-42810: Xingwei Lin (@xwlin\_roy) and Yinyi Wu of Ant Security Light-Year Lab

**ppp**

Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)

Impact: A buffer overflow may result in arbitrary code execution

Description: The issue was addressed with improved bounds checks.

CVE-2022-32941: an anonymous researcher

**Safari**

Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)

Impact: Visiting a maliciously crafted website may leak sensitive data

Description: A logic issue was addressed with improved state management.

CVE-2022-42817: Mir Masood Ali, PhD student, University of Illinois at Chicago; Binoy Chitale, MS student, Stony Brook University; Mohammad Ghasemisharif, PhD Candidate, University of Illinois at Chicago; Chris Kanich, Associate Professor, University of Illinois at Chicago

**WebKit**

Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)

Impact: Processing maliciously crafted web content may disclose internal states of the app

Description: A correctness issue in the JIT was addressed with improved checks.

WebKit Bugzilla: 242964  
CVE-2022-32923: Wonyoung Jung (@nonetype\_pwn) of KAIST Hacking Lab

**Wi-Fi**

Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)

Impact: Joining a malicious Wi-Fi network may result in a denial-of-service of the Settings app

Description: The issue was addressed with improved memory handling.

CVE-2022-32927: Dr Hideaki Goto of Tohoku University, Japan

**zlib**

Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)

Impact: A user may be able to cause unexpected app termination or arbitrary code execution

Description: This issue was addressed with improved checks.

CVE-2022-37434: Evgeny Legerov

CVE-2022-42800: Evgeny Legerov

CVE-2022-32929: About the security content of iOS 15.7.1 and iPadOS 15.7.1

A memory corruption issue existed in the processing of ICC profiles. This issue was addressed with improved input validation. This issue is fixed in macOS Ventura 13. Processing a maliciously crafted image may lead to arbitrary code execution.

CVE-2022-26730: About the security content of macOS Ventura 13

A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 16, iOS 16, watchOS 9. An app may be able to execute arbitrary code with kernel privileges.

Released September 12, 2022

**Accelerate Framework**

Available for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD

Impact: Processing a maliciously crafted image may lead to arbitrary code execution

Description: A memory consumption issue was addressed with improved memory handling.

CVE-2022-42795: ryuzaki

**AppleAVD**

Available for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD

Impact: An app may be able to execute arbitrary code with kernel privileges

Description: This issue was addressed with improved checks.

CVE-2022-32907: Natalie Silvanovich of Google Project Zero, Antonio Zekic (@antoniozekic) and John Aakerblom (@jaakerblom), ABC Research s.r.o, Yinyi Wu, Tommaso Bianco (@cutesmilee\_\_)

**GPU Drivers**

Available for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD

Impact: An app may be able to execute arbitrary code with kernel privileges

Description: A use after free issue was addressed with improved memory management.

CVE-2022-32903: an anonymous researcher

**ImageIO**

Available for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD

Impact: Processing an image may lead to a denial-of-service

Description: A denial-of-service issue was addressed with improved validation.

CVE-2022-1622

**Image Processing**

Available for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD

Impact: A sandboxed app may be able to determine which app is currently using the camera

Description: The issue was addressed with additional restrictions on the observability of app states.

CVE-2022-32913: Yiğit Can YILMAZ (@yilmazcanyigit)

**Image Processing**

Available for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD 

Impact: An app may be able to execute arbitrary code with kernel privileges 

Description: This issue was addressed with improved checks. 

CVE-2022-32949: Tingting Yin of Tsinghua University

**Kernel**

Available for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD

Impact: An app may be able to disclose kernel memory

Description: The issue was addressed with improved memory handling.

CVE-2022-32864: Linus Henze of Pinauten GmbH (pinauten.de)

**Kernel**

Available for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD

Impact: An app may be able to execute arbitrary code with kernel privileges

Description: The issue was addressed with improved memory handling.

CVE-2022-32866: Linus Henze of Pinauten GmbH (pinauten.de)

CVE-2022-32911: Zweig of Kunlun Lab

**Kernel**

Available for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD

Impact: An app may be able to execute arbitrary code with kernel privileges

Description: A use after free issue was addressed with improved memory management.

CVE-2022-32914: Zweig of Kunlun Lab

**MediaLibrary**

Available for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD

Impact: A user may be able to elevate privileges

Description: A memory corruption issue was addressed with improved input validation.

CVE-2022-32908: an anonymous researcher

**Notifications**

Available for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD

Impact: A user with physical access to a device may be able to access contacts from the lock screen

Description: A logic issue was addressed with improved state management.

CVE-2022-32879: Ubeydullah Sümer

**Sandbox**

Available for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD

Impact: An app may be able to modify protected parts of the file system

Description: A logic issue was addressed with improved restrictions.

CVE-2022-32881: Csaba Fitzl (@theevilbit) of Offensive Security

**SQLite**

Available for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD

Impact: A remote user may be able to cause a denial-of-service

Description: This issue was addressed with improved checks.

CVE-2021-36690

**WebKit**

Available for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD

Impact: Processing maliciously crafted web content may lead to arbitrary code execution

Description: A buffer overflow issue was addressed with improved memory handling.

WebKit Bugzilla: 241969  
CVE-2022-32886: P1umer(@p1umer), afang(@afang5472), xmzyshypnc(@xmzyshypnc1)

**WebKit**

Available for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD

Impact: Processing maliciously crafted web content may lead to arbitrary code execution

Description: An out-of-bounds write issue was addressed with improved bounds checking.

WebKit Bugzilla: 242047  
CVE-2022-32888: P1umer (@p1umer)

**WebKit**

Available for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD

Impact: Processing maliciously crafted web content may lead to arbitrary code execution

Description: An out-of-bounds read was addressed with improved bounds checking.

WebKit Bugzilla: 242762  
CVE-2022-32912: Jeonghoon Shin (@singi21a) at Theori working with Trend Micro Zero Day Initiative

**WebKit**

Available for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD

Impact: Visiting a website that frames malicious content may lead to UI spoofing

Description: The issue was addressed with improved UI handling.

WebKit Bugzilla: 242762  
CVE-2022-32891: @real\_as3617, an anonymous researcher

**Wi-Fi**

Available for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD

Impact: An app may be able to cause unexpected system termination or write kernel memory

Description: An out-of-bounds write issue was addressed with improved bounds checking.

CVE-2022-32925: Wang Yu of Cyberserval

CVE-2022-32903: About the security content of tvOS 16

This issue was addressed with improved entitlements. This issue is fixed in iOS 16, watchOS 9. An app may be able to read a persistent device identifier.

Released September 12, 2022

**Accelerate Framework**

Available for: Apple Watch Series 4 and later

Impact: Processing a maliciously crafted image may lead to arbitrary code execution

Description: A memory consumption issue was addressed with improved memory handling.

CVE-2022-42795: ryuzaki

**AppleAVD**

Available for: Apple Watch Series 4 and later

Impact: An app may be able to execute arbitrary code with kernel privileges

Description: This issue was addressed with improved checks.

CVE-2022-32907: Natalie Silvanovich of Google Project Zero, Antonio Zekic (@antoniozekic) and John Aakerblom (@jaakerblom), ABC Research s.r.o, Yinyi Wu, Tommaso Bianco (@cutesmilee\_\_)

**Apple Neural Engine**

Available for: Apple Watch Series 4 and later

Impact: An app may be able to leak sensitive kernel state

Description: The issue was addressed with improved memory handling.

CVE-2022-32858: Mohamed Ghannam (@\_simo36)

**Apple Neural Engine**

Available for: Apple Watch Series 4 and later

Impact: An app may be able to execute arbitrary code with kernel privileges

Description: The issue was addressed with improved memory handling.

CVE-2022-32898: Mohamed Ghannam (@\_simo36)

CVE-2022-32899: Mohamed Ghannam (@\_simo36)

CVE-2022-32889: Mohamed Ghannam (@\_simo36)

**Contacts**

Available for: Apple Watch Series 4 and later

Impact: An app may be able to bypass Privacy preferences

Description: This issue was addressed with improved checks.

CVE-2022-32854: Holger Fuhrmannek of Deutsche Telekom Security

**Exchange**

Available for: Apple Watch Series 4 and later

Impact: A user in a privileged network position may be able to intercept mail credentials

Description: A logic issue was addressed with improved restrictions.

CVE-2022-32928: an anonymous researcher

**GPU Drivers**

Available for: Apple Watch Series 4 and later

Impact: An app may be able to execute arbitrary code with kernel privileges

Description: A use after free issue was addressed with improved memory management.

CVE-2022-32903: an anonymous researcher

**ImageIO**

Available for: Apple Watch Series 4 and later

Impact: Processing an image may lead to a denial-of-service

Description: A denial-of-service issue was addressed with improved validation.

CVE-2022-1622

**Image Processing**

Available for: Apple Watch Series 4 and later

Impact: A sandboxed app may be able to determine which app is currently using the camera

Description: The issue was addressed with additional restrictions on the observability of app states.

CVE-2022-32913: Yiğit Can YILMAZ (@yilmazcanyigit)

**Kernel**

Available for: Apple Watch Series 4 and later

Impact: An app may be able to disclose kernel memory

Description: The issue was addressed with improved memory handling.

CVE-2022-32864: Linus Henze of Pinauten GmbH (pinauten.de)

**Kernel**

Available for: Apple Watch Series 4 and later

Impact: An app may be able to execute arbitrary code with kernel privileges

Description: The issue was addressed with improved memory handling.

CVE-2022-32866: Linus Henze of Pinauten GmbH (pinauten.de)

CVE-2022-32911: Zweig of Kunlun Lab

**Kernel**

Available for: Apple Watch Series 4 and later

Impact: An app may be able to execute arbitrary code with kernel privileges

Description: A use after free issue was addressed with improved memory management.

CVE-2022-32914: Zweig of Kunlun Lab

**Kernel**

Available for: Apple Watch Series 4 and later

Impact: An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited.

Description: An out-of-bounds write issue was addressed with improved bounds checking.

CVE-2022-32894: an anonymous researcher

**Maps**

Available for: Apple Watch Series 4 and later

Impact: An app may be able to read sensitive location information

Description: A logic issue was addressed with improved restrictions.

CVE-2022-32883: Ron Masas of breakpointhq.com

**MediaLibrary**

Available for: Apple Watch Series 4 and later

Impact: A user may be able to elevate privileges

Description: A memory corruption issue was addressed with improved input validation.

CVE-2022-32908: an anonymous researcher

**Notifications**

Available for: Apple Watch Series 4 and later

Impact: A user with physical access to a device may be able to access contacts from the lock screen

Description: A logic issue was addressed with improved state management.

CVE-2022-32879: Ubeydullah Sümer

**Sandbox**

Available for: Apple Watch Series 4 and later

Impact: An app may be able to modify protected parts of the file system

Description: A logic issue was addressed with improved restrictions.

CVE-2022-32881: Csaba Fitzl (@theevilbit) of Offensive Security

**Siri**

Available for: Apple Watch Series 4 and later

Impact: A user with physical access to a device may be able to use Siri to obtain some call history information

Description: A logic issue was addressed with improved state management.

CVE-2022-32870: Andrew Goldberg of The McCombs School of Business, The University of Texas at Austin (linkedin.com/in/andrew-goldberg-/)

**SQLite**

Available for: Apple Watch Series 4 and later

Impact: A remote user may be able to cause a denial-of-service

Description: This issue was addressed with improved checks.

CVE-2021-36690

**Watch app**

Available for: Apple Watch Series 4 and later

Impact: An app may be able to read a persistent device identifier

Description: This issue was addressed with improved entitlements.

CVE-2022-32835: Guilherme Rambo of Best Buddy Apps (rambo.codes)

**Weather**

Available for: Apple Watch Series 4 and later

Impact: An app may be able to read sensitive location information

Description: A logic issue was addressed with improved state management.

CVE-2022-32875: an anonymous researcher

**WebKit**

Available for: Apple Watch Series 4 and later

Impact: Processing maliciously crafted web content may lead to arbitrary code execution

Description: A buffer overflow issue was addressed with improved memory handling.

WebKit Bugzilla: 241969  
CVE-2022-32886: P1umer(@p1umer), afang(@afang5472), xmzyshypnc(@xmzyshypnc1)

**WebKit**

Available for: Apple Watch Series 4 and later

Impact: Processing maliciously crafted web content may lead to arbitrary code execution

Description: An out-of-bounds write issue was addressed with improved bounds checking.

WebKit Bugzilla: 242047  
CVE-2022-32888: P1umer (@p1umer)

**WebKit**

Available for: Apple Watch Series 4 and later

Impact: Processing maliciously crafted web content may lead to arbitrary code execution

Description: An out-of-bounds read was addressed with improved bounds checking.

WebKit Bugzilla: 242762  
CVE-2022-32912: Jeonghoon Shin (@singi21a) at Theori working with Trend Micro Zero Day Initiative

**WebKit**

Available for: Apple Watch Series 4 and later

Impact: Visiting a website that frames malicious content may lead to UI spoofing

Description: The issue was addressed with improved UI handling.

WebKit Bugzilla: 243236  
CVE-2022-32891: @real\_as3617, an anonymous researcher

**WebKit**

Available for: Apple Watch Series 4 and later

Impact: Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.

Description: An out-of-bounds write issue was addressed with improved bounds checking.

WebKit Bugzilla: 243557  
CVE-2022-32893: an anonymous researcher

**Wi-Fi**

Available for: Apple Watch Series 4 and later

Impact: An app may be able to cause unexpected system termination or write kernel memory

Description: An out-of-bounds write issue was addressed with improved bounds checking.

CVE-2022-32925: Wang Yu of Cyberserval

CVE-2022-32835: About the security content of watchOS 9

A logic issue was addressed with improved state management. This issue is fixed in iOS 16. Deleted contacts may still appear in spotlight search results.

Released September 12, 2022

**Accelerate Framework**

Available for: iPhone 8 and later

Impact: Processing a maliciously crafted image may lead to arbitrary code execution

Description: A memory consumption issue was addressed with improved memory handling.

CVE-2022-42795: ryuzaki

Entry added October 27, 2022

**AppleAVD**

Available for: iPhone 8 and later

Impact: An app may be able to cause a denial-of-service

Description: A memory corruption issue was addressed with improved state management.

CVE-2022-32827: Antonio Zekic (@antoniozekic), Natalie Silvanovich of Google Project Zero, and an anonymous researcher

Entry added October 27, 2022

**AppleAVD**

Available for: iPhone 8 and later

Impact: An app may be able to execute arbitrary code with kernel privileges

Description: This issue was addressed with improved checks.

CVE-2022-32907: Natalie Silvanovich of Google Project Zero, Antonio Zekic (@antoniozekic) and John Aakerblom (@jaakerblom), ABC Research s.r.o, Yinyi Wu, Tommaso Bianco (@cutesmilee\_\_)

Entry added October 27, 2022

**Apple Neural Engine**

Available for: iPhone 8 and later

Impact: An app may be able to leak sensitive kernel state

Description: The issue was addressed with improved memory handling.

CVE-2022-32858: Mohamed Ghannam (@\_simo36)

Entry added October 27, 2022

**Apple Neural Engine**

Available for: iPhone 8 and later

Impact: An app may be able to execute arbitrary code with kernel privileges

Description: The issue was addressed with improved memory handling.

CVE-2022-32898: Mohamed Ghannam (@\_simo36)

CVE-2022-32899: Mohamed Ghannam (@\_simo36)

CVE-2022-32889: Mohamed Ghannam (@\_simo36)

Entry added October 27, 2022

**Apple TV**

Available for: iPhone 8 and later

Impact: An app may be able to access user-sensitive data

Description: The issue was addressed with improved handling of caches.

CVE-2022-32909: Csaba Fitzl (@theevilbit) of Offensive Security

Entry added October 27, 2022

**Contacts**

Available for: iPhone 8 and later

Impact: An app may be able to bypass Privacy preferences

Description: This issue was addressed with improved checks.

CVE-2022-32854: Holger Fuhrmannek of Deutsche Telekom Security

**Crash Reporter**

Available for: iPhone 8 and later

Impact: A user with physical access to an iOS device may be able to read past diagnostic logs

Description: This issue was addressed with improved data protection.

CVE-2022-32867: Kshitij Kumar and Jai Musunuri of Crowdstrike

Entry added October 27, 2022

**DriverKit**

Available for: iPhone 8 and later

Impact: An app may be able to execute arbitrary code with kernel privileges

Description: The issue was addressed with improved memory handling.

CVE-2022-32865: Linus Henze of Pinauten GmbH (pinauten.de)

Entry added October 27, 2022

**Exchange**

Available for: iPhone 8 and later

Impact: A user in a privileged network position may be able to intercept mail credentials

Description: A logic issue was addressed with improved restrictions.

CVE-2022-32928: an anonymous researcher

Entry added October 27, 2022

**GPU Drivers**

Available for: iPhone 8 and later

Impact: An application may be able to execute arbitrary code with kernel privileges

Description: A memory corruption issue was addressed with improved state management.

CVE-2022-26744: an anonymous researcher

Entry added October 27, 2022

**GPU Drivers**

Available for: iPhone 8 and later

Impact: An app may be able to execute arbitrary code with kernel privileges

Description: A use after free issue was addressed with improved memory management.

CVE-2022-32903: an anonymous researcher

Entry added October 27, 2022

**ImageIO**

Available for: iPhone 8 and later

Impact: Processing an image may lead to a denial-of-service

Description: A denial-of-service issue was addressed with improved validation.

CVE-2022-1622

Entry added October 27, 2022

**Image Processing**

Available for: iPhone 8 and later

Impact: A sandboxed app may be able to determine which app is currently using the camera

Description: The issue was addressed with additional restrictions on the observability of app states.

CVE-2022-32913: Yiğit Can YILMAZ (@yilmazcanyigit)

Entry added October 27, 2022

**IOGPUFamily**

Available for: iPhone 8 and later

Impact: An app may be able to execute arbitrary code with kernel privileges

Description: The issue was addressed with improved memory handling.

CVE-2022-32887: an anonymous researcher

Entry added October 27, 2022

**Kernel**

Available for: iPhone 8 and later

Impact: An app may be able to execute arbitrary code with kernel privileges

Description: A use after free issue was addressed with improved memory management.

CVE-2022-32914: Zweig of Kunlun Lab

Entry added October 27, 2022

**Kernel**

Available for: iPhone 8 and later

Impact: An app may be able to execute arbitrary code with kernel privileges

Description: The issue was addressed with improved memory handling.

CVE-2022-32866: Linus Henze of Pinauten GmbH (pinauten.de)

CVE-2022-32911: Zweig of Kunlun Lab

Entry updated October 27, 2022

**Kernel**

Available for: iPhone 8 and later

Impact: An app may be able to disclose kernel memory

Description: The issue was addressed with improved memory handling.

CVE-2022-32864: Linus Henze of Pinauten GmbH (pinauten.de)

**Kernel**

Available for: iPhone 8 and later

Impact: An application may be able to execute arbitrary code with kernel privileges.

Description: The issue was addressed with improved bounds checks.

CVE-2022-32917: an anonymous researcher 

**Maps**

Available for: iPhone 8 and later

Impact: An app may be able to read sensitive location information

Description: A logic issue was addressed with improved restrictions.

CVE-2022-32883: Ron Masas, breakpointhq.com

**MediaLibrary**

Available for: iPhone 8 and later

Impact: A user may be able to elevate privileges

Description: A memory corruption issue was addressed with improved input validation.

CVE-2022-32908: an anonymous researcher

**Notifications**

Available for: iPhone 8 and later

Impact: A user with physical access to a device may be able to access contacts from the lock screen

Description: A logic issue was addressed with improved state management.

CVE-2022-32879: Ubeydullah Sümer

Entry added October 27, 2022

**Photos**

Available for: iPhone 8 and later

Impact: An app may be able to bypass Privacy preferences

Description: This issue was addressed with improved data protection.

CVE-2022-32918: an anonymous researcher, Jugal Goradia of Aastha Technologies, Srijan Shivam Mishra of The Hack Report, Evan Ricafort (evanricafort.com) of Invalid Web Security, Amod Raghunath Patwardhan of Pune, India, Ashwani Rajput of Nagarro Software Pvt. Ltd

Entry added October 27, 2022

**Safari**

Available for: iPhone 8 and later

Impact: Visiting a malicious website may lead to address bar spoofing

Description: This issue was addressed with improved checks.

CVE-2022-32795: Narendra Bhati of Suma Soft Pvt. Ltd. Pune (India) @imnarendrabhati

**Safari Extensions**

Available for: iPhone 8 and later

Impact: A website may be able to track users through Safari web extensions

Description: A logic issue was addressed with improved state management.

WebKit Bugzilla: 242278  
CVE-2022-32868: Michael

**Sandbox**

Available for: iPhone 8 and later

Impact: An app may be able to modify protected parts of the file system

Description: A logic issue was addressed with improved restrictions.

CVE-2022-32881: Csaba Fitzl (@theevilbit) of Offensive Security

Entry added October 27, 2022

**Security**

Available for: iPhone 8 and later

Impact: An app may be able to bypass code signing checks

Description: An issue in code signature validation was addressed with improved checks.

CVE-2022-42793: Linus Henze of Pinauten GmbH (pinauten.de)

Entry added October 27, 2022

**Shortcuts**

Available for: iPhone 8 and later

Impact: A person with physical access to an iOS device may be able to access photos from the lock screen

Description: A logic issue was addressed with improved restrictions.

CVE-2022-32872: Elite Tech Guru

**Sidecar**

Available for: iPhone 8 and later

Impact: A user may be able to view restricted content from the lock screen

Description: A logic issue was addressed with improved state management.

CVE-2022-42790: Om kothawade of Zaprico Digital

Entry added October 27, 2022

**Siri**

Available for: iPhone 8 and later

Impact: A user with physical access to a device may be able to use Siri to obtain some call history information

Description: A logic issue was addressed with improved state management.

CVE-2022-32870: Andrew Goldberg of The McCombs School of Business, The University of Texas at Austin (linkedin.com/andrew-goldberg-/)

Entry added October 27, 2022

**SQLite**

Available for: iPhone 8 and later

Impact: A remote user may be able to cause a denial-of-service

Description: This issue was addressed with improved checks.

CVE-2021-36690

Entry added October 27, 2022

**Time Zone**

Available for: iPhone 8 and later

Impact: Deleted contacts may still appear in spotlight search results

Description: A logic issue was addressed with improved state management.

CVE-2022-32859

Entry added October 27, 2022

**Watch app**

Available for: iPhone 8 and later

Impact: An app may be able to read a persistent device identifier

Description: This issue was addressed with improved entitlements.

CVE-2022-32835: Guilherme Rambo of Best Buddy Apps (rambo.codes)

Entry added October 27, 2022

**Weather**

Available for: iPhone 8 and later

Impact: An app may be able to read sensitive location information

Description: A logic issue was addressed with improved state management.

CVE-2022-32875: an anonymous researcher

Entry added October 27, 2022

**WebKit**

Available for: iPhone 8 and later

Impact: Processing maliciously crafted web content may lead to arbitrary code execution

Description: An out-of-bounds write issue was addressed with improved bounds checking.

WebKit Bugzilla: 242047  
CVE-2022-32888: P1umer (@p1umer)

Entry added October 27, 2022

**WebKit**

Available for: iPhone 8 and later

Impact: Visiting a website that frames malicious content may lead to UI spoofing

Description: The issue was addressed with improved UI handling.

WebKit Bugzilla: 243236  
CVE-2022-32891: @real\_as3617, and an anonymous researcher

Entry added October 27, 2022

**WebKit**

Available for: iPhone 8 and later

Impact: Processing maliciously crafted web content may lead to arbitrary code execution

Description: A buffer overflow issue was addressed with improved memory handling.

WebKit Bugzilla: 241969  
CVE-2022-32886: P1umer, afang5472, xmzyshypnc

**WebKit**

Available for: iPhone 8 and later

Impact: Processing maliciously crafted web content may lead to arbitrary code execution

Description: An out-of-bounds read was addressed with improved bounds checking.

WebKit Bugzilla: 242762  
CVE-2022-32912: Jeonghoon Shin (@singi21a) at Theori working with Trend Micro Zero Day Initiative

**WebKit Sandboxing**

Available for: iPhone 8 and later

Impact: A sandboxed process may be able to circumvent sandbox restrictions

Description: An access issue was addressed with improvements to the sandbox.

WebKit Bugzilla: 243181  
CVE-2022-32892: @18楼梦想改造家 and @jq0904 of DBAppSecurity's WeBin lab

Entry added October 27, 2022

**Wi-Fi**

Available for: iPhone 8 and later

Impact: An app may be able to cause unexpected system termination or write kernel memory

Description: An out-of-bounds write issue was addressed with improved bounds checking.

CVE-2022-32925: Wang Yu of Cyberserval

Entry added October 27, 2022

Tag

#google