Vulnerability Details : CVE-2022-42864
A race condition was addressed with improved state handling. This issue is fixed in tvOS 16.2, macOS Monterey 12.6.2, macOS Ventura 13.1, macOS Big Sur 11.7.2, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2. An app may be able to execute arbitrary code with kernel privileges.
Vulnerability category: Execute code
Products affected by CVE-2022-42864
- cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
- cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
- cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*
- cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*
- cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
- cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
- cpe:2.3:o:apple:macos:13.0:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
- cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2022-42864
0.09%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 40 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2022-42864
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.0
|
HIGH | CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H |
1.0
|
5.9
|
NIST |
CWE ids for CVE-2022-42864
-
The product contains a concurrent code sequence that requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence operating concurrently.Assigned by: nvd@nist.gov (Primary)
References for CVE-2022-42864
-
http://seclists.org/fulldisclosure/2022/Dec/20
Full Disclosure: APPLE-SA-2022-12-13-1 iOS 16.2 and iPadOS 16.2Mailing List;Third Party Advisory
-
http://seclists.org/fulldisclosure/2022/Dec/27
Full Disclosure: APPLE-SA-2022-12-13-8 watchOS 9.2Mailing List;Third Party Advisory
-
http://seclists.org/fulldisclosure/2022/Dec/23
Full Disclosure: APPLE-SA-2022-12-13-4 macOS Ventura 13.1Mailing List;Third Party Advisory
-
https://support.apple.com/en-us/HT213534
Release Notes;Vendor Advisory
-
http://seclists.org/fulldisclosure/2022/Dec/21
Full Disclosure: APPLE-SA-2022-12-13-2 iOS 15.7.2 and iPadOS 15.7.2Mailing List;Third Party Advisory
-
http://seclists.org/fulldisclosure/2022/Dec/25
Full Disclosure: APPLE-SA-2022-12-13-6 macOS Big Sur 11.7.2Mailing List;Third Party Advisory
-
https://support.apple.com/en-us/HT213536
Release Notes;Vendor Advisory
-
https://support.apple.com/en-us/HT213532
About the security content of macOS Ventura 13.1 - Apple SupportRelease Notes;Vendor Advisory
-
https://support.apple.com/en-us/HT213533
About the security content of macOS Monterey 12.6.2 - Apple SupportRelease Notes;Vendor Advisory
-
http://seclists.org/fulldisclosure/2022/Dec/24
Full Disclosure: APPLE-SA-2022-12-13-5 macOS Monterey 12.6.2Mailing List;Third Party Advisory
-
https://support.apple.com/en-us/HT213530
About the security content of iOS 16.2 and iPadOS 16.2 - Apple SupportRelease Notes;Vendor Advisory
-
http://seclists.org/fulldisclosure/2022/Dec/26
Full Disclosure: APPLE-SA-2022-12-13-7 tvOS 16.2Mailing List;Third Party Advisory
-
https://support.apple.com/en-us/HT213531
About the security content of iOS 15.7.2 and iPadOS 15.7.2 - Apple SupportRelease Notes;Vendor Advisory
-
https://support.apple.com/en-us/HT213535
About the security content of tvOS 16.2 - Apple SupportRelease Notes;Vendor Advisory
Jump to