Issued: Sunday, 3 April, 2022 |
Last Revision: Sunday, 3 April, 2022 |
Vendor: |
Product: |
Severity Level: |
Apple has released iOS 15.4.1, iPad OS 15.4.1 and macOS Monterey 12.3.1. This release address an outof-bounds write and an out-of-bounds read issue. In this version, enhanced bounds checking and improved input validation are used to fix both of the previously described concerns.
Out-of-bounds write issues might allow an application to run arbitrary code with kernel privileges, while out-of-bounds read issues could expose kernel memory.
According to Apple, this vulnerability may have been actively exploited.
CVE/Vulnerability | Description | CVSS3.0 Score |
CVE-2022-22675 | Arbitrary code execution | n/a |
CVE-2022-22674 | Disclosure of kernel memory | n/a |
Table 1: Vulnerability details
CVE/Vulnerability | Affected Product(s) |
CVE-2022-22675 | iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) |
CVE-2022-22674 | macOS Monterey prior to version 12.3.1 |
Table 2: Vulnerable versions
We encourage the Organizations and individual users to update the affected products with the vendor provided updates.