What is CVE-2022-32799?

CVE-2022-32799 is a vulnerability in the SMB protocol that allows for an out-of-bounds read issue.

What is the severity of CVE-2022-32799?

The severity of CVE-2022-32799 is not specified.

Which software is affected by CVE-2022-32799?

The affected software includes Apple Catalina and Apple macOS Monterey version 12.5.

How was CVE-2022-32799 addressed?

CVE-2022-32799 was addressed by implementing improved bounds checking in SMB.

Where can I find more information about CVE-2022-32799?

You can find more information about CVE-2022-32799 on the Apple support website.

Vulnerability/
CVE-2022-32799

medium

5.9

CWE

125

20/7/2022

23/9/2022

3/8/2024

CVE-2022-32799

First published: Wed Jul 20 2022(Updated: )

An out-of-bounds read issue was addressed with improved bounds checking. This issue is fixed in Security Update 2022-005 Catalina, macOS Monterey 12.5. A user in a privileged network position may be able to leak sensitive information.

Credit: Sreejith Krishnan R @skr0x1c0 Sreejith Krishnan R @skr0x1c0 product-security@apple.com

Affected Software	Affected Version	How to fix
Apple Catalina
	<12.5	12.5
Apple Mac OS X	=10.15.7-security_update_2020-001
Apple Mac OS X	=10.15.7-security_update_2021-001
Apple Mac OS X	=10.15.7-security_update_2021-002
Apple Mac OS X	=10.15.7-security_update_2021-003
Apple Mac OS X	=10.15.7-security_update_2021-004
Apple Mac OS X	=10.15.7-security_update_2021-005
Apple Mac OS X	=10.15.7-security_update_2021-006
Apple Mac OS X	=10.15.7-security_update_2021-007
Apple Mac OS X	=10.15.7-security_update_2021-008
Apple Mac OS X	=10.15.7-security_update_2022-001
Apple Mac OS X	=10.15.7-security_update_2022-002
Apple Mac OS X	=10.15.7-security_update_2022-003
Apple macOS	<10.15.7
Apple macOS	>=12.0<12.5
Apple macOS	=10.15.7
Apple macOS	=10.15.7-security_update_2022-004

Never miss a vulnerability like this again

Reference Links

https://support.apple.com/en-us/HT213343 (Advisory)
https://support.apple.com/en-us/HT213345 (Advisory)
https://support.apple.com/kb/HT213345

Parent vulnerabilities

(Appears in the following advisories)

Peer vulnerabilities

(Found alongside the following vulnerabilities)

CVE-2022-32832
CVE-2022-32826
CVE-2022-32797
CVE-2022-32853
CVE-2022-32851
CVE-2022-32831
CVE-2022-32910
CVE-2022-32820
CVE-2022-32805
CVE-2022-32849
CVE-2022-32839
CVE-2022-32781
CVE-2022-32819
CVE-2022-32787
CVE-2022-32785
CVE-2022-32812
CVE-2022-32811
CVE-2022-32815
CVE-2022-32813
CVE-2021-30946
CVE-2022-32823
CVE-2022-32786
CVE-2022-32800
CVE-2022-32838
CVE-2022-32843
CVE-2022-32842
CVE-2022-32799
CVE-2022-32857
CVE-2022-32807
CVE-2022-26704
CVE-2022-32834
CVE-2021-4136
CVE-2021-4166
CVE-2021-4173
CVE-2021-4187
CVE-2021-4192
CVE-2021-4193
CVE-2021-46059
CVE-2022-0128
CVE-2022-32860
CVE-2022-32837
CVE-2022-32847
CVE-2022-42858
CVE-2022-32788
CVE-2022-32880
CVE-2022-42805
CVE-2022-32948
CVE-2022-32810
CVE-2022-32840
CVE-2022-32845
CVE-2022-48578
CVE-2022-32852
CVE-2022-32825
CVE-2022-32789
CVE-2022-32828
CVE-2022-32793
CVE-2022-32821
CVE-2022-32897
CVE-2022-32802
CVE-2022-32841
CVE-2022-48503
CVE-2022-32817
CVE-2022-32829
CVE-2022-26981
CVE-2022-32814
CVE-2022-46708
CVE-2022-32796
CVE-2022-32798
CVE-2022-32818
CVE-2022-32801
CVE-2021-28544
CVE-2022-24070
CVE-2022-29046
CVE-2022-29048
CVE-2022-32933
CVE-2022-32885
CVE-2022-32861
CVE-2022-32863
CVE-2022-32816
CVE-2022-32792
CVE-2022-2294
CVE-2022-32848

Frequently Asked Questions

What is CVE-2022-32799?
CVE-2022-32799 is a vulnerability in the SMB protocol that allows for an out-of-bounds read issue.
What is the severity of CVE-2022-32799?
The severity of CVE-2022-32799 is not specified.
Which software is affected by CVE-2022-32799?
The affected software includes Apple Catalina and Apple macOS Monterey version 12.5.
How was CVE-2022-32799 addressed?
CVE-2022-32799 was addressed by implementing improved bounds checking in SMB.
Where can I find more information about CVE-2022-32799?
You can find more information about CVE-2022-32799 on the Apple support website.

collector/apple-support
collector/nvd-index
agent/type
agent/first-publish-date
agent/softwarecombine
agent/severity
agent/weakness
agent/author
agent/description
agent/references
source/Apple
agent/software-canonical-lookup
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/tags
agent/event
agent/trending
vendor/apple
canonical/apple catalina
canonical/apple mac os x
version/apple mac os x/10.15.7-security_update_2020-001
version/apple mac os x/10.15.7-security_update_2021-001
version/apple mac os x/10.15.7-security_update_2021-002
version/apple mac os x/10.15.7-security_update_2021-003
version/apple mac os x/10.15.7-security_update_2021-004
version/apple mac os x/10.15.7-security_update_2021-005
version/apple mac os x/10.15.7-security_update_2021-006
version/apple mac os x/10.15.7-security_update_2021-007
version/apple mac os x/10.15.7-security_update_2021-008
version/apple mac os x/10.15.7-security_update_2022-001
version/apple mac os x/10.15.7-security_update_2022-002
version/apple mac os x/10.15.7-security_update_2022-003
canonical/apple macos
version/apple macos/12.0
version/apple macos/10.15.7
version/apple macos/10.15.7-security_update_2022-004
canonical/apple macos monterey