CVE-2022-32844 Vulnerability Details

  /     /     /  

CVE-2022-32844 Metadata Quick Info

CVE Published: 27/02/2023 | CVE Updated: 03/08/2024 | CVE Year: 2022
Source: apple | Vendor: Apple | Product: tvOS
Status : PUBLISHED

---

CVE-2022-32844 Description

A race condition was addressed with improved state handling. This issue is fixed in tvOS 15.6, watchOS 8.7, iOS 15.6 and iPadOS 15.6. An app with arbitrary kernel read and write capability may be able to bypass Pointer Authentication.

Metrics

CVSS Version: 3.1 | Base Score: n/a
Vector: n/a

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID:
CWE Name: An app with arbitrary kernel read and write capability may be able to bypass Pointer Authentication
Source: Apple

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).