CVE-2022-26981: Buffer Overflow
First published: Sun Mar 13 2022(Updated: )
Liblouis through 3.21.0 has a buffer overflow in compilePassOpcode in compileTranslationTable.c (called, indirectly, by tools/lou_checktable.c).
Credit: Hexhive (hexhive.epfl.ch) NCNIPC ChinaHexhive (hexhive.epfl.ch) NCNIPC ChinaHexhive (hexhive.epfl.ch) ChinaNCNIPC ChinaHexhive (hexhive.epfl.ch) NCNIPC China cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Liblouis Liblouis | <=3.21.0 | |
| Fedoraproject Fedora | =36 | |
| Apple iPadOS | <15.6 | |
| Apple iPhone OS | <15.6 | |
| Apple macOS | >=12.0<12.5 | |
| Apple tvOS | <15.6 | |
| Apple watchOS | <8.7 | |
| Apple watchOS | <8.7 | 8.7 |
| Apple tvOS | <15.6 | 15.6 |
| <12.5 | 12.5 | |
| Apple iOS | <15.6 | 15.6 |
| Apple iPadOS | <15.6 | 15.6 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://support.apple.com/en-us/HT213340 (Advisory)
- http://seclists.org/fulldisclosure/2022/Jul/12
- http://seclists.org/fulldisclosure/2022/Jul/15
- http://seclists.org/fulldisclosure/2022/Jul/16
- http://seclists.org/fulldisclosure/2022/Jul/18
- https://github.com/liblouis/liblouis/issues/1171
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFD2KIHESDUCNWTEW3USFB5GKTWT624L/
- https://security.gentoo.org/glsa/202301-06
- https://support.apple.com/kb/HT213340
- https://support.apple.com/kb/HT213342
- https://support.apple.com/kb/HT213345
- https://support.apple.com/kb/HT213346
- https://support.apple.com/en-us/HT213342 (Advisory)
- https://support.apple.com/en-us/HT213346 (Advisory)
- https://support.apple.com/en-us/HT213345 (Advisory)
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CFD2KIHESDUCNWTEW3USFB5GKTWT624L/
Peer vulnerabilities
(Found alongside the following vulnerabilities)
- CVE-2022-32832
- CVE-2022-32788
- CVE-2022-32824
- CVE-2022-32826
- CVE-2022-32845
- CVE-2022-32840
- CVE-2022-32810
- CVE-2022-32820
- CVE-2022-32825
- CVE-2022-32839
- CVE-2022-32819
- CVE-2022-32793
- CVE-2022-32821
- CVE-2022-32787
- CVE-2022-32841
- CVE-2022-48503
- CVE-2022-32813
- CVE-2022-32815
- CVE-2022-32817
- CVE-2022-32844
- CVE-2022-26981
- CVE-2022-32823
- CVE-2022-32814
- CVE-2022-32857
- CVE-2022-32863
- CVE-2022-32816
- CVE-2022-32792
- CVE-2022-32847
- CVE-2022-32828
- CVE-2022-32849
- CVE-2022-32802
- CVE-2022-32830
- CVE-2022-32837
- CVE-2022-42805
- CVE-2022-32948
- CVE-2022-32829
- CVE-2022-32855
- CVE-2022-32785
- CVE-2022-26768
- CVE-2022-32838
- CVE-2022-32784
- CVE-2022-32885
- CVE-2022-2294
- CVE-2022-32860
- CVE-2022-42858
- CVE-2022-32880
- CVE-2022-48578
- CVE-2022-32797
- CVE-2022-32851
- CVE-2022-32852
- CVE-2022-32853
- CVE-2022-32831
- CVE-2022-32910
- CVE-2022-32789
- CVE-2022-32805
- CVE-2022-32897
- CVE-2022-32811
- CVE-2022-32812
- CVE-2022-32786
- CVE-2022-32800
- CVE-2022-32843
- CVE-2022-46708
- CVE-2022-32796
- CVE-2022-32842
- CVE-2022-32798
- CVE-2022-32799
- CVE-2022-32818
- CVE-2022-32807
- CVE-2022-32801
- CVE-2021-28544
- CVE-2022-24070
- CVE-2022-29046
- CVE-2022-29048
- CVE-2022-32834
- CVE-2022-32933
- CVE-2022-32861
- CVE-2022-32848
Frequently Asked Questions
What is the vulnerability ID?
The vulnerability ID is CVE-2022-26981.
Which software versions are affected by CVE-2022-26981?
CVE-2022-26981 affects macOS Monterey up to version 12.5, iOS up to version 15.6, iPadOS up to version 15.6, tvOS up to version 15.6, and watchOS up to version 8.7.
How was CVE-2022-26981 addressed?
CVE-2022-26981 was addressed with improved checks.
How can I remediate CVE-2022-26981?
To remediate CVE-2022-26981, update your Apple devices to the recommended versions: macOS Monterey 12.5, iOS 15.6, iPadOS 15.6, tvOS 15.6, and watchOS 8.7.
Where can I find more information about CVE-2022-26981?
You can find more information about CVE-2022-26981 on the following references: - [Apple Support - HT213345](https://support.apple.com/en-us/HT213345) - [Apple Support - HT213342](https://support.apple.com/en-us/HT213342) - [Apple Support - HT213340](https://support.apple.com/en-us/HT213340)
- agent/type
- agent/softwarecombine
- collector/apple-support
- agent/software-canonical-lookup-request
- collector/nvd-index
- agent/weakness
- agent/remedy
- agent/severity
- agent/author
- agent/description
- source/Apple
- agent/software-canonical-lookup
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/references
- agent/tags
- agent/first-publish-date
- agent/event
- agent/trending
- vendor/apple
- canonical/apple watchos
- vendor/liblouis
- canonical/liblouis liblouis
- version/liblouis liblouis/3.21.0
- vendor/fedoraproject
- canonical/fedoraproject fedora
- version/fedoraproject fedora/36
- canonical/apple ipados
- canonical/apple iphone os
- canonical/apple macos
- version/apple macos/12.0
- canonical/apple tvos
- canonical/apple ios
- canonical/apple macos monterey