CVE-2022-32792
medium
CVSS v3
—
CVSS v2
—
VIR risk
5.5
Description
An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in iOS 15.6 and iPadOS 15.6, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5, Safari 15.6. Processing maliciously crafted web content may lead to arbitrary code execution.
Predictions
Exploit likelihood
20%
Patch ETA
—
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
Vendor advisory: debian — https://security-tracker.debian.org/tracker/CVE-2022-32792
Vendor advisory: suse — https://www.suse.com/security/cve/CVE-2022-32792.html
Vendor advisory: redhat — https://access.redhat.com/errata/RHSA-2022:8054
OS impact
| OS | Version | Status | Fixed in |
|---|---|---|---|
| arch | fixed | 2.36.5-1 | |
| rhel | 9 | fixed | |
| sles | affected | | |
| debian | bookworm | fixed | 2.36.6-1 |
| debian | bullseye | fixed | 2.36.6-1~deb11u1 |
| debian | forky | fixed | 2.36.6-1 |
| debian | sid | fixed | 2.36.6-1 |
| debian | trixie | fixed | 2.36.6-1 |
References
Verify integrity in audit chain (admin only). AS-IS.