CVE-2022-26702: Use After Free
First published: Mon May 16 2022(Updated: )
A use after free issue was addressed with improved memory management. This issue is fixed in watchOS 8.6, tvOS 15.5, iOS 15.5 and iPadOS 15.5. An application may be able to execute arbitrary code with kernel privileges.
Credit: an anonymous researcher Antonio Zekic @antoniozekic John Aakerblom @jaakerblom Mickey Jin @patch1t Brandon Dalton @partyD0lphin Red CanaryCsaba Fitzl @theevilbit Offensive SecurityRıza Sabuncu @rizasabuncu JeongOhKyea Tingting Yin Tsinghua UniversityAleksandar Nikolic Cisco TalosYe Zhang @VAR10CK Baidu Securityryuzaki Murray Mike Arsenii Kostromin (0x3c3e) Félix Poulin-Bélanger David Pan Ogea Xinru Chi Pangu LabNed Williamson Google Project ZeroPan ZhenPeng STAR Labs SG PteZweig Kunlun LabJoshua Jones Zhuowei Zhang Adam M. Guilherme Rambo Best Buddy AppsCVE-2023-0433 CVE-2023-0512 Mohamed GHANNAM @_simo36 product-security@apple.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Apple macOS | <11.7.5 | 11.7.5 |
| tvOS | <15.5 | 15.5 |
| Apple iOS, iPadOS, and watchOS | <15.5 | 15.5 |
| Apple iOS, iPadOS, and watchOS | <15.5 | 15.5 |
| Apple iOS, iPadOS, and watchOS | <8.6 | 8.6 |
| Apple iOS, iPadOS, and watchOS | <15.5 | |
| iStyle @cosme iPhone OS | <15.5 | |
| tvOS | <15.5 | |
| Apple iOS, iPadOS, and watchOS | <8.6 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://support.apple.com/en-us/HT213258 (Advisory)
- https://support.apple.com/en-us/HT213253 (Advisory)
- https://support.apple.com/en-us/HT213254 (Advisory)
- https://support.apple.com/kb/HT213675
- http://seclists.org/fulldisclosure/2023/Mar/21
- https://support.apple.com/en-us/HT213675 (Advisory)
- https://support.apple.com/en-us/102784 (Advisory)
Parent vulnerabilities
(Appears in the following advisories)
Peer vulnerabilities
(Found alongside the following vulnerabilities)
- CVE-2023-23540
- CVE-2022-26702
- CVE-2023-23527
- CVE-2023-27951
- CVE-2023-27961
- CVE-2023-23534
- CVE-2023-27955
- CVE-2023-27936
- CVE-2023-40398
- CVE-2023-27935
- CVE-2023-27953
- CVE-2023-27958
- CVE-2023-23537
- CVE-2023-32366
- CVE-2023-27937
- CVE-2023-27928
- CVE-2023-27946
- CVE-2023-23535
- CVE-2023-32378
- CVE-2023-27941
- CVE-2023-28199
- CVE-2023-23536
- CVE-2023-23514
- CVE-2023-28200
- CVE-2023-28185
- CVE-2023-23525
- CVE-2023-41075
- CVE-2023-28189
- CVE-2023-28197
- CVE-2023-28182
- CVE-2023-27962
- CVE-2023-27942
- CVE-2023-23542
- CVE-2023-28192
- CVE-2023-0433
- CVE-2023-0512
- CVE-2023-27944
- CVE-2022-22675
- CVE-2022-26724
- CVE-2022-26736
- CVE-2022-26737
- CVE-2022-26738
- CVE-2022-26739
- CVE-2022-26740
- CVE-2022-26763
- CVE-2022-26711
- CVE-2022-26701
- CVE-2022-26768
- CVE-2022-26771
- CVE-2022-26714
- CVE-2022-26757
- CVE-2022-26764
- CVE-2022-26765
- CVE-2022-26706
- CVE-2022-26775
- CVE-2022-26708
- CVE-2022-32790
- CVE-2022-26776
- CVE-2022-23308
- CVE-2022-26766
- CVE-2022-26700
- CVE-2022-26709
- CVE-2022-26710
- CVE-2022-26717
- CVE-2022-26716
- CVE-2022-26719
- CVE-2022-26745
- CVE-2022-26751
- CVE-2022-32781
- CVE-2022-26744
- CVE-2022-22673
- CVE-2022-26731
- CVE-2022-26703
- CVE-2022-26704
- CVE-2022-26726
- CVE-2022-22677
- CVE-2022-26760
- CVE-2015-4142
- CVE-2022-26762
Frequently Asked Questions
What is the vulnerability ID for this issue?
The vulnerability ID for this issue is CVE-2022-26702.
What is the description of this vulnerability?
The vulnerability is a use after free issue in AppleAVD that has been addressed with improved memory management.
Which software versions are affected by this vulnerability?
The vulnerability affects macOS Big Sur up to version 11.7.5, iOS up to version 15.5, iPadOS up to version 15.5, tvOS up to version 15.5, and watchOS up to version 8.6.
What is the severity of CVE-2022-26702?
The severity of CVE-2022-26702 has not been provided.
How can I fix CVE-2022-26702?
To fix CVE-2022-26702, update your software to the latest version provided by Apple.
- agent/type
- agent/first-publish-date
- agent/weakness
- agent/severity
- collector/mitre-cve
- source/MITRE
- agent/trending
- agent/source
- collector/apple-support
- source/Apple
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- agent/event
- agent/last-modified-date
- agent/description
- alias/CVE-2023-23527
- alias/CVE-2023-27951
- alias/CVE-2023-27961
- alias/CVE-2023-23534
- alias/CVE-2023-27955
- alias/CVE-2023-27936
- alias/CVE-2023-40398
- alias/CVE-2023-27935
- alias/CVE-2023-27953
- alias/CVE-2023-27958
- alias/CVE-2023-23537
- alias/CVE-2023-32366
- alias/CVE-2023-27937
- alias/CVE-2023-27928
- alias/CVE-2023-27946
- alias/CVE-2023-23535
- alias/CVE-2023-32378
- alias/CVE-2023-27941
- alias/CVE-2023-28199
- alias/CVE-2023-23536
- alias/CVE-2023-23514
- alias/CVE-2023-28200
- alias/CVE-2023-28185
- alias/CVE-2023-23525
- alias/CVE-2023-41075
- alias/CVE-2023-28189
- alias/CVE-2023-28197
- alias/CVE-2023-28182
- alias/CVE-2023-27962
- alias/CVE-2023-27942
- alias/CVE-2023-23542
- alias/CVE-2023-28192
- alias/CVE-2023-0433
- alias/CVE-2023-0512
- alias/CVE-2023-27944
- alias/CVE-2022-26702
- agent/references
- agent/author
- agent/tags
- collector/nvd-index
- agent/softwarecombine
- vendor/apple
- canonical/apple macos
- canonical/tvos
- canonical/apple ios, ipados, and watchos
- canonical/istyle @cosme iphone os