CVE-2022-26764

medium

Description

A memory corruption issue was addressed with improved validation. This issue is fixed in watchOS 8.6, tvOS 15.5, macOS Monterey 12.4, iOS 15.5 and iPadOS 15.5. An attacker that has already achieved kernel code execution may be able to bypass kernel memory mitigations.

References

https://support.apple.com/en-us/HT213257

https://support.apple.com/en-us/HT213254

https://support.apple.com/en-us/HT213253

https://support.apple.com/en-us/HT213258

Details

Source: MITRE

Published: 2022-05-26

Updated: 2022-06-08

Type: CWE-787

Risk Information

CVSS v2

Base Score: 2.6

Vector: AV:N/AC:H/Au:N/C:N/I:P/A:N

Impact Score: 2.9

Exploitability Score: 4.9

Severity: LOW

CVSS v3

Base Score: 4.7

Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N

Impact Score: 3.6

Exploitability Score: 1

Severity: MEDIUM