CVE-2022-32840: Input Validation
First published: Wed Jul 20 2022(Updated: )
AMD. A memory corruption issue was addressed with improved input validation.
Credit: Mohamed Ghannam @_simo36 product-security@apple.com Mohamed Ghannam @_simo36 Tingting Yin Tsinghua University Min Zheng Ant GroupMohamed Ghannam @_simo36 Tommy Muir @Muirey03 Natalie Silvanovich Google Project ZeroWojciech Reguła @_r3ggi SecuRingMickey Jin @patch1t Trend MicroCsaba Fitzl @theevilbit Offensive SecurityMickey Jin @patch1t Trend MicroMohamed Ghannam @_simo36 Mohamed Ghannam @_simo36 Mohamed Ghannam @_simo36 Mohamed Ghannam @_simo36 Mohamed Ghannam @_simo36 Mickey Jin @patch1t Mickey Jin @patch1t Baidu SecurityYe Zhang @co0py_Cat Baidu SecurityMickey Jin @patch1t Trend MicroYe Zhang @co0py_Cat Baidu SecurityYe Zhang @co0py_Cat Baidu SecurityYe Zhang @co0py_Cat Baidu SecurityYe Zhang @co0py_Cat Baidu SecurityFerdous Saljooki @malwarezoo Jamf Softwarean anonymous researcher John Aakerblom @jaakerblom Zhipeng Huo @R3dF09 Tencent Security Xuanwu LabCsaba Fitzl @theevilbit Offensive SecurityAntonio Zekic @antoniozekic John Aakerblom @jaakerblom Daniel Lim Wee Soong STAR LabsJoshua Mason Mandiantan anonymous researcher John Aakerblom @jaakerblom Joshua Jones Dohyun Lee @l33d0hyun SSD Secure Disclosure LabsKorea Univ. Mickey Jin @patch1t Trend MicroIvan Fratric Google Project ZeroMickey Jin @patch1t hjy79425575 Yiğit Can YILMAZ @yilmazcanyigit ABC Research s.r.o Yinyi Wu @3ndy1 ABC Research s.r.o. Dongzhuo Zhao ADLab of Venustech Cyberpeace Tech CoZhaoHai Cyberpeace Tech CoLtd. Xinru Chi Pangu LabXinru Chi Pangu LabXinru Chi Pangu LabTingting Yin Tsinghua University Ant GroupMin Zheng Ant GroupHexhive (hexhive.epfl.ch) ChinaNCNIPC ChinaCVE-2022-32823 Pan ZhenPeng @Peterpan0927 Mickey Jin @patch1t Mickey Jin @patch1t Mickey Jin @patch1t Trend MicroKai Lu Zscaler's ThreatLabzan anonymous researcher Sreejith Krishnan R @skr0x1c0 Sreejith Krishnan R @skr0x1c0 Sreejith Krishnan R @skr0x1c0 Sreejith Krishnan R @skr0x1c0 Sreejith Krishnan R @skr0x1c0 Jeffrey Paul (sneak.berlin) Zhipeng Huo @R3dF09 Tencent Security Xuanwu LabJoshua Mason @jhu.edu) @josh Evgeny Kotkov visualsvn.com Evgeny Kotkov visualsvn.com Evgeny Kotkov visualsvn.com Evgeny Kotkov visualsvn.com Xuxiang Yang @another1024 Tencent Security Xuanwu LabGordon Long Computest Sector 7Thijs Alkemade @xnyhps Computest Sector 7Adam Chester TrustedSecYuebin Sun @yuebinsun2020 Tencent Security Xuanwu LabZhipeng Huo @R3dF09 Tencent Security Xuanwu LabBinoy Chitale Illinois at ChicagoMS student Illinois at ChicagoStony Brook University Illinois at ChicagoNick Nikiforakis Illinois at ChicagoAssociate Professor Illinois at ChicagoStony Brook University Illinois at ChicagoJason Polakis Illinois at ChicagoAssociate Professor Illinois at ChicagoUniversity Illinois at ChicagoMir Masood Ali Illinois at ChicagoPhD student Illinois at ChicagoUniversity Illinois at ChicagoChris Kanich Illinois at ChicagoAssociate Professor Illinois at ChicagoUniversity Illinois at Chicago Illinois at ChicagoMohammad Ghasemisharif Illinois at ChicagoPhD Candidate Illinois at ChicagoUniversity Illinois at ChicagoP1umer @p1umer Q1IQ @q1iqF Matthias Keller (m-keller.com) P1umer @p1umer afang @afang5472 xmzyshypnc @xmzyshypnc1 Dohyun Lee @l33d0hyun SSD Secure Disclosure LabsKorea Univ. Manfred Paul @_manfp Trend Micro Zero Day InitiativeJan Vojtesek Avast Threat Intelligence teamWang Yu CyberservalWang Yu CyberservalWang Yu CyberservalJeremy Legendre MacEnhanceABC Research s.r.o. Tommy Muir @Muirey03 Natalie Silvanovich Google Project ZeroWojciech Reguła @_r3ggi SecuRingMickey Jin @patch1t Trend MicroCsaba Fitzl @theevilbit Offensive SecurityMickey Jin @patch1t Trend MicroMohamed Ghannam @_simo36 Mohamed Ghannam @_simo36 Mohamed Ghannam @_simo36 Mohamed Ghannam @_simo36 Mohamed Ghannam @_simo36 Mickey Jin @patch1t Mickey Jin @patch1t Baidu SecurityYe Zhang @co0py_Cat Baidu SecurityMickey Jin @patch1t Trend MicroYe Zhang @co0py_Cat Baidu SecurityYe Zhang @co0py_Cat Baidu SecurityYe Zhang @co0py_Cat Baidu SecurityYe Zhang @co0py_Cat Baidu SecurityFerdous Saljooki @malwarezoo Jamf Softwarean anonymous researcher John Aakerblom @jaakerblom Zhipeng Huo @R3dF09 Tencent Security Xuanwu LabCsaba Fitzl @theevilbit Offensive SecurityAntonio Zekic @antoniozekic John Aakerblom @jaakerblom Daniel Lim Wee Soong STAR LabsJoshua Mason Mandiantan anonymous researcher John Aakerblom @jaakerblom Joshua Jones Dohyun Lee @l33d0hyun SSD Secure Disclosure LabsKorea Univ. Mickey Jin @patch1t Trend MicroIvan Fratric Google Project ZeroMickey Jin @patch1t hjy79425575 Yiğit Can YILMAZ @yilmazcanyigit ABC Research s.r.o Yinyi Wu @3ndy1 ABC Research s.r.o. Dongzhuo Zhao ADLab of Venustech Cyberpeace Tech CoZhaoHai Cyberpeace Tech CoLtd. Xinru Chi Pangu LabXinru Chi Pangu LabXinru Chi Pangu LabTingting Yin Tsinghua University Ant GroupMin Zheng Ant GroupHexhive (hexhive.epfl.ch) ChinaNCNIPC ChinaCVE-2022-32823 Pan ZhenPeng @Peterpan0927 Mickey Jin @patch1t Mickey Jin @patch1t Mickey Jin @patch1t Trend MicroKai Lu Zscaler's ThreatLabzan anonymous researcher Sreejith Krishnan R @skr0x1c0 Sreejith Krishnan R @skr0x1c0 Sreejith Krishnan R @skr0x1c0 Sreejith Krishnan R @skr0x1c0 Sreejith Krishnan R @skr0x1c0 Jeffrey Paul (sneak.berlin) Zhipeng Huo @R3dF09 Tencent Security Xuanwu LabJoshua Mason @jhu.edu) @josh Evgeny Kotkov visualsvn.com Evgeny Kotkov visualsvn.com Evgeny Kotkov visualsvn.com Evgeny Kotkov visualsvn.com Xuxiang Yang @another1024 Tencent Security Xuanwu LabGordon Long Computest Sector 7Thijs Alkemade @xnyhps Computest Sector 7Adam Chester TrustedSecYuebin Sun @yuebinsun2020 Tencent Security Xuanwu LabZhipeng Huo @R3dF09 Tencent Security Xuanwu LabBinoy Chitale Illinois at ChicagoMS student Illinois at ChicagoStony Brook University Illinois at ChicagoNick Nikiforakis Illinois at ChicagoAssociate Professor Illinois at ChicagoStony Brook University Illinois at ChicagoJason Polakis Illinois at ChicagoAssociate Professor Illinois at ChicagoUniversity Illinois at ChicagoMir Masood Ali Illinois at ChicagoPhD student Illinois at ChicagoUniversity Illinois at ChicagoChris Kanich Illinois at ChicagoAssociate Professor Illinois at ChicagoUniversity Illinois at Chicago Illinois at ChicagoMohammad Ghasemisharif Illinois at ChicagoPhD Candidate Illinois at ChicagoUniversity Illinois at ChicagoP1umer @p1umer Q1IQ @q1iqF Matthias Keller (m-keller.com) P1umer @p1umer afang @afang5472 xmzyshypnc @xmzyshypnc1 Dohyun Lee @l33d0hyun SSD Secure Disclosure LabsKorea Univ. Manfred Paul @_manfp Trend Micro Zero Day InitiativeJan Vojtesek Avast Threat Intelligence teamWang Yu CyberservalWang Yu CyberservalWang Yu CyberservalJeremy Legendre MacEnhanceMohamed Ghannam @_simo36 Mohamed Ghannam @_simo36 Mohamed Ghannam @_simo36 Mohamed Ghannam @_simo36 Mohamed Ghannam @_simo36 Mickey Jin @patch1t Mickey Jin @patch1t Baidu SecurityYe Zhang @co0py_Cat Baidu SecurityMickey Jin @patch1t Trend MicroYe Zhang @co0py_Cat Baidu SecurityYe Zhang @co0py_Cat Baidu SecurityYe Zhang @co0py_Cat Baidu SecurityYe Zhang @co0py_Cat Baidu SecurityFerdous Saljooki @malwarezoo Jamf Softwarean anonymous researcher John Aakerblom @jaakerblom Zhipeng Huo @R3dF09 Tencent Security Xuanwu LabCsaba Fitzl @theevilbit Offensive SecurityAntonio Zekic @antoniozekic John Aakerblom @jaakerblom Daniel Lim Wee Soong STAR LabsJoshua Mason Mandiantan anonymous researcher John Aakerblom @jaakerblom Joshua Jones Dohyun Lee @l33d0hyun SSD Secure Disclosure LabsKorea Univ. Mickey Jin @patch1t Trend MicroIvan Fratric Google Project ZeroMickey Jin @patch1t hjy79425575 Yiğit Can YILMAZ @yilmazcanyigit ABC Research s.r.o Yinyi Wu @3ndy1 ABC Research s.r.o. Dongzhuo Zhao ADLab of Venustech Cyberpeace Tech CoZhaoHai Cyberpeace Tech CoLtd. Xinru Chi Pangu LabXinru Chi Pangu LabXinru Chi Pangu LabTingting Yin Tsinghua University Ant GroupMin Zheng Ant GroupHexhive (hexhive.epfl.ch) ChinaNCNIPC ChinaCVE-2022-32823 Pan ZhenPeng @Peterpan0927 Mickey Jin @patch1t Mickey Jin @patch1t Mickey Jin @patch1t Trend MicroKai Lu Zscaler's ThreatLabzan anonymous researcher Sreejith Krishnan R @skr0x1c0 Sreejith Krishnan R @skr0x1c0 Sreejith Krishnan R @skr0x1c0 Sreejith Krishnan R @skr0x1c0 Sreejith Krishnan R @skr0x1c0 Jeffrey Paul (sneak.berlin) Zhipeng Huo @R3dF09 Tencent Security Xuanwu LabJoshua Mason @jhu.edu) @josh Evgeny Kotkov visualsvn.com Evgeny Kotkov visualsvn.com Evgeny Kotkov visualsvn.com Evgeny Kotkov visualsvn.com Xuxiang Yang @another1024 Tencent Security Xuanwu LabGordon Long Computest Sector 7Thijs Alkemade @xnyhps Computest Sector 7Adam Chester TrustedSecYuebin Sun @yuebinsun2020 Tencent Security Xuanwu LabZhipeng Huo @R3dF09 Tencent Security Xuanwu LabBinoy Chitale Illinois at ChicagoMS student Illinois at ChicagoStony Brook University Illinois at ChicagoNick Nikiforakis Illinois at ChicagoAssociate Professor Illinois at ChicagoStony Brook University Illinois at ChicagoJason Polakis Illinois at ChicagoAssociate Professor Illinois at ChicagoUniversity Illinois at ChicagoMir Masood Ali Illinois at ChicagoPhD student Illinois at ChicagoUniversity Illinois at ChicagoChris Kanich Illinois at ChicagoAssociate Professor Illinois at ChicagoUniversity Illinois at Chicago Illinois at ChicagoMohammad Ghasemisharif Illinois at ChicagoPhD Candidate Illinois at ChicagoUniversity Illinois at ChicagoP1umer @p1umer Q1IQ @q1iqF Matthias Keller (m-keller.com) P1umer @p1umer afang @afang5472 xmzyshypnc @xmzyshypnc1 Dohyun Lee @l33d0hyun SSD Secure Disclosure LabsKorea Univ. Manfred Paul @_manfp Trend Micro Zero Day InitiativeJan Vojtesek Avast Threat Intelligence teamWang Yu CyberservalWang Yu CyberservalWang Yu CyberservalJeremy Legendre MacEnhanceMickey Jin @patch1t Trend MicroMohamed Ghannam @_simo36 Mohamed Ghannam @_simo36 Mohamed Ghannam @_simo36 Mohamed Ghannam @_simo36 Mohamed Ghannam @_simo36 Mickey Jin @patch1t Mickey Jin @patch1t Baidu SecurityYe Zhang @co0py_Cat Baidu SecurityMickey Jin @patch1t Trend MicroYe Zhang @co0py_Cat Baidu SecurityYe Zhang @co0py_Cat Baidu SecurityYe Zhang @co0py_Cat Baidu SecurityYe Zhang @co0py_Cat Baidu SecurityFerdous Saljooki @malwarezoo Jamf Softwarean anonymous researcher John Aakerblom @jaakerblom Zhipeng Huo @R3dF09 Tencent Security Xuanwu LabCsaba Fitzl @theevilbit Offensive SecurityAntonio Zekic @antoniozekic John Aakerblom @jaakerblom Daniel Lim Wee Soong STAR LabsJoshua Mason Mandiantan anonymous researcher John Aakerblom @jaakerblom Joshua Jones Dohyun Lee @l33d0hyun SSD Secure Disclosure LabsKorea Univ. Mickey Jin @patch1t Trend MicroIvan Fratric Google Project ZeroMickey Jin @patch1t hjy79425575 Yiğit Can YILMAZ @yilmazcanyigit ABC Research s.r.o Yinyi Wu @3ndy1 ABC Research s.r.o. Dongzhuo Zhao ADLab of Venustech Cyberpeace Tech CoZhaoHai Cyberpeace Tech CoLtd. Xinru Chi Pangu LabXinru Chi Pangu LabXinru Chi Pangu LabTingting Yin Tsinghua University Ant GroupMin Zheng Ant GroupHexhive (hexhive.epfl.ch) ChinaNCNIPC ChinaCVE-2022-32823 Pan ZhenPeng @Peterpan0927 Mickey Jin @patch1t Mickey Jin @patch1t Mickey Jin @patch1t Trend MicroKai Lu Zscaler's ThreatLabzan anonymous researcher Sreejith Krishnan R @skr0x1c0 Sreejith Krishnan R @skr0x1c0 Sreejith Krishnan R @skr0x1c0 Sreejith Krishnan R @skr0x1c0 Sreejith Krishnan R @skr0x1c0 Jeffrey Paul (sneak.berlin) Zhipeng Huo @R3dF09 Tencent Security Xuanwu LabJoshua Mason @jhu.edu) @josh Evgeny Kotkov visualsvn.com Evgeny Kotkov visualsvn.com Evgeny Kotkov visualsvn.com Evgeny Kotkov visualsvn.com Xuxiang Yang @another1024 Tencent Security Xuanwu LabGordon Long Computest Sector 7Thijs Alkemade @xnyhps Computest Sector 7Adam Chester TrustedSecYuebin Sun @yuebinsun2020 Tencent Security Xuanwu LabZhipeng Huo @R3dF09 Tencent Security Xuanwu LabBinoy Chitale Illinois at ChicagoMS student Illinois at ChicagoStony Brook University Illinois at ChicagoNick Nikiforakis Illinois at ChicagoAssociate Professor Illinois at ChicagoStony Brook University Illinois at ChicagoJason Polakis Illinois at ChicagoAssociate Professor Illinois at ChicagoUniversity Illinois at ChicagoMir Masood Ali Illinois at ChicagoPhD student Illinois at ChicagoUniversity Illinois at ChicagoChris Kanich Illinois at ChicagoAssociate Professor Illinois at ChicagoUniversity Illinois at Chicago Illinois at ChicagoMohammad Ghasemisharif Illinois at ChicagoPhD Candidate Illinois at ChicagoUniversity Illinois at ChicagoP1umer @p1umer Q1IQ @q1iqF Matthias Keller (m-keller.com) P1umer @p1umer afang @afang5472 xmzyshypnc @xmzyshypnc1 Dohyun Lee @l33d0hyun SSD Secure Disclosure LabsKorea Univ. Manfred Paul @_manfp Trend Micro Zero Day InitiativeJan Vojtesek Avast Threat Intelligence teamWang Yu CyberservalWang Yu CyberservalWang Yu CyberservalJeremy Legendre MacEnhanceMohamed Ghannam @_simo36 Mohamed Ghannam @_simo36 Mohamed Ghannam @_simo36 Mickey Jin @patch1t Mickey Jin @patch1t Baidu SecurityYe Zhang @co0py_Cat Baidu SecurityMickey Jin @patch1t Trend MicroYe Zhang @co0py_Cat Baidu SecurityYe Zhang @co0py_Cat Baidu SecurityYe Zhang @co0py_Cat Baidu SecurityYe Zhang @co0py_Cat Baidu SecurityFerdous Saljooki @malwarezoo Jamf Softwarean anonymous researcher John Aakerblom @jaakerblom Zhipeng Huo @R3dF09 Tencent Security Xuanwu LabCsaba Fitzl @theevilbit Offensive SecurityAntonio Zekic @antoniozekic John Aakerblom @jaakerblom Daniel Lim Wee Soong STAR LabsJoshua Mason Mandiantan anonymous researcher John Aakerblom @jaakerblom Joshua Jones Dohyun Lee @l33d0hyun SSD Secure Disclosure LabsKorea Univ. Mickey Jin @patch1t Trend MicroIvan Fratric Google Project ZeroMickey Jin @patch1t hjy79425575 Yiğit Can YILMAZ @yilmazcanyigit ABC Research s.r.o Yinyi Wu @3ndy1 ABC Research s.r.o. Dongzhuo Zhao ADLab of Venustech Cyberpeace Tech CoZhaoHai Cyberpeace Tech CoLtd. Xinru Chi Pangu LabXinru Chi Pangu LabXinru Chi Pangu LabTingting Yin Tsinghua University Ant GroupMin Zheng Ant GroupHexhive (hexhive.epfl.ch) ChinaNCNIPC ChinaCVE-2022-32823 Pan ZhenPeng @Peterpan0927 Mickey Jin @patch1t Mickey Jin @patch1t Mickey Jin @patch1t Trend MicroKai Lu Zscaler's ThreatLabzan anonymous researcher Sreejith Krishnan R @skr0x1c0 Sreejith Krishnan R @skr0x1c0 Sreejith Krishnan R @skr0x1c0 Sreejith Krishnan R @skr0x1c0 Sreejith Krishnan R @skr0x1c0 Jeffrey Paul (sneak.berlin) Zhipeng Huo @R3dF09 Tencent Security Xuanwu LabJoshua Mason @jhu.edu) @josh Evgeny Kotkov visualsvn.com Evgeny Kotkov visualsvn.com Evgeny Kotkov visualsvn.com Evgeny Kotkov visualsvn.com Xuxiang Yang @another1024 Tencent Security Xuanwu LabGordon Long Computest Sector 7Thijs Alkemade @xnyhps Computest Sector 7Adam Chester TrustedSecYuebin Sun @yuebinsun2020 Tencent Security Xuanwu LabZhipeng Huo @R3dF09 Tencent Security Xuanwu LabBinoy Chitale Illinois at ChicagoMS student Illinois at ChicagoStony Brook University Illinois at ChicagoNick Nikiforakis Illinois at ChicagoAssociate Professor Illinois at ChicagoStony Brook University Illinois at ChicagoJason Polakis Illinois at ChicagoAssociate Professor Illinois at ChicagoUniversity Illinois at ChicagoMir Masood Ali Illinois at ChicagoPhD student Illinois at ChicagoUniversity Illinois at ChicagoChris Kanich Illinois at ChicagoAssociate Professor Illinois at ChicagoUniversity Illinois at Chicago Illinois at ChicagoMohammad Ghasemisharif Illinois at ChicagoPhD Candidate Illinois at ChicagoUniversity Illinois at ChicagoP1umer @p1umer Q1IQ @q1iqF Matthias Keller (m-keller.com) P1umer @p1umer afang @afang5472 xmzyshypnc @xmzyshypnc1 Dohyun Lee @l33d0hyun SSD Secure Disclosure LabsKorea Univ. Manfred Paul @_manfp Trend Micro Zero Day InitiativeJan Vojtesek Avast Threat Intelligence teamWang Yu CyberservalWang Yu CyberservalWang Yu CyberservalJeremy Legendre MacEnhanceWojciech Reguła @_r3ggi SecuRingMickey Jin @patch1t Trend MicroCsaba Fitzl @theevilbit Offensive SecurityMickey Jin @patch1t Trend MicroMohamed Ghannam @_simo36 Mohamed Ghannam @_simo36 Mohamed Ghannam @_simo36 Mohamed Ghannam @_simo36 Mohamed Ghannam @_simo36 Mickey Jin @patch1t Mickey Jin @patch1t Baidu SecurityYe Zhang @co0py_Cat Baidu SecurityMickey Jin @patch1t Trend MicroYe Zhang @co0py_Cat Baidu SecurityYe Zhang @co0py_Cat Baidu SecurityYe Zhang @co0py_Cat Baidu SecurityYe Zhang @co0py_Cat Baidu SecurityFerdous Saljooki @malwarezoo Jamf Softwarean anonymous researcher John Aakerblom @jaakerblom Zhipeng Huo @R3dF09 Tencent Security Xuanwu LabCsaba Fitzl @theevilbit Offensive SecurityAntonio Zekic @antoniozekic John Aakerblom @jaakerblom Daniel Lim Wee Soong STAR LabsJoshua Mason Mandiantan anonymous researcher John Aakerblom @jaakerblom Joshua Jones Dohyun Lee @l33d0hyun SSD Secure Disclosure LabsKorea Univ. Mickey Jin @patch1t Trend MicroIvan Fratric Google Project ZeroMickey Jin @patch1t hjy79425575 Yiğit Can YILMAZ @yilmazcanyigit ABC Research s.r.o Yinyi Wu @3ndy1 ABC Research s.r.o. Dongzhuo Zhao ADLab of Venustech Cyberpeace Tech CoZhaoHai Cyberpeace Tech CoLtd. Xinru Chi Pangu LabXinru Chi Pangu LabXinru Chi Pangu LabTingting Yin Tsinghua University Ant GroupMin Zheng Ant GroupHexhive (hexhive.epfl.ch) ChinaNCNIPC ChinaCVE-2022-32823 Pan ZhenPeng @Peterpan0927 Mickey Jin @patch1t Mickey Jin @patch1t Mickey Jin @patch1t Trend MicroKai Lu Zscaler's ThreatLabzan anonymous researcher Sreejith Krishnan R @skr0x1c0 Sreejith Krishnan R @skr0x1c0 Sreejith Krishnan R @skr0x1c0 Sreejith Krishnan R @skr0x1c0 Sreejith Krishnan R @skr0x1c0 Jeffrey Paul (sneak.berlin) Zhipeng Huo @R3dF09 Tencent Security Xuanwu LabJoshua Mason @jhu.edu) @josh Evgeny Kotkov visualsvn.com Evgeny Kotkov visualsvn.com Evgeny Kotkov visualsvn.com Evgeny Kotkov visualsvn.com Xuxiang Yang @another1024 Tencent Security Xuanwu LabGordon Long Computest Sector 7Thijs Alkemade @xnyhps Computest Sector 7Adam Chester TrustedSecYuebin Sun @yuebinsun2020 Tencent Security Xuanwu LabZhipeng Huo @R3dF09 Tencent Security Xuanwu LabBinoy Chitale Illinois at ChicagoMS student Illinois at ChicagoStony Brook University Illinois at ChicagoNick Nikiforakis Illinois at ChicagoAssociate Professor Illinois at ChicagoStony Brook University Illinois at ChicagoJason Polakis Illinois at ChicagoAssociate Professor Illinois at ChicagoUniversity Illinois at ChicagoMir Masood Ali Illinois at ChicagoPhD student Illinois at ChicagoUniversity Illinois at ChicagoChris Kanich Illinois at ChicagoAssociate Professor Illinois at ChicagoUniversity Illinois at Chicago Illinois at ChicagoMohammad Ghasemisharif Illinois at ChicagoPhD Candidate Illinois at ChicagoUniversity Illinois at ChicagoP1umer @p1umer Q1IQ @q1iqF Matthias Keller (m-keller.com) P1umer @p1umer afang @afang5472 xmzyshypnc @xmzyshypnc1 Dohyun Lee @l33d0hyun SSD Secure Disclosure LabsKorea Univ. Manfred Paul @_manfp Trend Micro Zero Day InitiativeJan Vojtesek Avast Threat Intelligence teamWang Yu CyberservalWang Yu CyberservalWang Yu CyberservalJeremy Legendre MacEnhanceMohamed Ghannam @_simo36 Mohamed Ghannam @_simo36 Mickey Jin @patch1t Mickey Jin @patch1t Baidu SecurityYe Zhang @co0py_Cat Baidu SecurityMickey Jin @patch1t Trend MicroYe Zhang @co0py_Cat Baidu SecurityYe Zhang @co0py_Cat Baidu SecurityYe Zhang @co0py_Cat Baidu SecurityYe Zhang @co0py_Cat Baidu SecurityFerdous Saljooki @malwarezoo Jamf Softwarean anonymous researcher John Aakerblom @jaakerblom Zhipeng Huo @R3dF09 Tencent Security Xuanwu LabCsaba Fitzl @theevilbit Offensive SecurityAntonio Zekic @antoniozekic John Aakerblom @jaakerblom Daniel Lim Wee Soong STAR LabsJoshua Mason Mandiantan anonymous researcher John Aakerblom @jaakerblom Joshua Jones Dohyun Lee @l33d0hyun SSD Secure Disclosure LabsKorea Univ. Mickey Jin @patch1t Trend MicroIvan Fratric Google Project ZeroMickey Jin @patch1t hjy79425575 Yiğit Can YILMAZ @yilmazcanyigit ABC Research s.r.o Yinyi Wu @3ndy1 ABC Research s.r.o. Dongzhuo Zhao ADLab of Venustech Cyberpeace Tech CoZhaoHai Cyberpeace Tech CoLtd. Xinru Chi Pangu LabXinru Chi Pangu LabXinru Chi Pangu LabTingting Yin Tsinghua University Ant GroupMin Zheng Ant GroupHexhive (hexhive.epfl.ch) ChinaNCNIPC ChinaCVE-2022-32823 Pan ZhenPeng @Peterpan0927 Mickey Jin @patch1t Mickey Jin @patch1t Mickey Jin @patch1t Trend MicroKai Lu Zscaler's ThreatLabzan anonymous researcher Sreejith Krishnan R @skr0x1c0 Sreejith Krishnan R @skr0x1c0 Sreejith Krishnan R @skr0x1c0 Sreejith Krishnan R @skr0x1c0 Sreejith Krishnan R @skr0x1c0 Jeffrey Paul (sneak.berlin) Zhipeng Huo @R3dF09 Tencent Security Xuanwu LabJoshua Mason @jhu.edu) @josh Evgeny Kotkov visualsvn.com Evgeny Kotkov visualsvn.com Evgeny Kotkov visualsvn.com Evgeny Kotkov visualsvn.com Xuxiang Yang @another1024 Tencent Security Xuanwu LabGordon Long Computest Sector 7Thijs Alkemade @xnyhps Computest Sector 7Adam Chester TrustedSecYuebin Sun @yuebinsun2020 Tencent Security Xuanwu LabZhipeng Huo @R3dF09 Tencent Security Xuanwu LabBinoy Chitale Illinois at ChicagoMS student Illinois at ChicagoStony Brook University Illinois at ChicagoNick Nikiforakis Illinois at ChicagoAssociate Professor Illinois at ChicagoStony Brook University Illinois at ChicagoJason Polakis Illinois at ChicagoAssociate Professor Illinois at ChicagoUniversity Illinois at ChicagoMir Masood Ali Illinois at ChicagoPhD student Illinois at ChicagoUniversity Illinois at ChicagoChris Kanich Illinois at ChicagoAssociate Professor Illinois at ChicagoUniversity Illinois at Chicago Illinois at ChicagoMohammad Ghasemisharif Illinois at ChicagoPhD Candidate Illinois at ChicagoUniversity Illinois at ChicagoP1umer @p1umer Q1IQ @q1iqF Matthias Keller (m-keller.com) P1umer @p1umer afang @afang5472 xmzyshypnc @xmzyshypnc1 Dohyun Lee @l33d0hyun SSD Secure Disclosure LabsKorea Univ. Manfred Paul @_manfp Trend Micro Zero Day InitiativeJan Vojtesek Avast Threat Intelligence teamWang Yu CyberservalWang Yu CyberservalWang Yu CyberservalJeremy Legendre MacEnhanceMohamed Ghannam @_simo36 Mohamed Ghannam @_simo36 Mohamed Ghannam @_simo36 Mohamed Ghannam @_simo36 Mickey Jin @patch1t Mickey Jin @patch1t Baidu SecurityYe Zhang @co0py_Cat Baidu SecurityMickey Jin @patch1t Trend MicroYe Zhang @co0py_Cat Baidu SecurityYe Zhang @co0py_Cat Baidu SecurityYe Zhang @co0py_Cat Baidu SecurityYe Zhang @co0py_Cat Baidu SecurityFerdous Saljooki @malwarezoo Jamf Softwarean anonymous researcher John Aakerblom @jaakerblom Zhipeng Huo @R3dF09 Tencent Security Xuanwu LabCsaba Fitzl @theevilbit Offensive SecurityAntonio Zekic @antoniozekic John Aakerblom @jaakerblom Daniel Lim Wee Soong STAR LabsJoshua Mason Mandiantan anonymous researcher John Aakerblom @jaakerblom Joshua Jones Dohyun Lee @l33d0hyun SSD Secure Disclosure LabsKorea Univ. Mickey Jin @patch1t Trend MicroIvan Fratric Google Project ZeroMickey Jin @patch1t hjy79425575 Yiğit Can YILMAZ @yilmazcanyigit ABC Research s.r.o Yinyi Wu @3ndy1 ABC Research s.r.o. Dongzhuo Zhao ADLab of Venustech Cyberpeace Tech CoZhaoHai Cyberpeace Tech CoLtd. Xinru Chi Pangu LabXinru Chi Pangu LabXinru Chi Pangu LabTingting Yin Tsinghua University Ant GroupMin Zheng Ant GroupHexhive (hexhive.epfl.ch) ChinaNCNIPC ChinaCVE-2022-32823 Pan ZhenPeng @Peterpan0927 Mickey Jin @patch1t Mickey Jin @patch1t Mickey Jin @patch1t Trend MicroKai Lu Zscaler's ThreatLabzan anonymous researcher Sreejith Krishnan R @skr0x1c0 Sreejith Krishnan R @skr0x1c0 Sreejith Krishnan R @skr0x1c0 Sreejith Krishnan R @skr0x1c0 Sreejith Krishnan R @skr0x1c0 Jeffrey Paul (sneak.berlin) Zhipeng Huo @R3dF09 Tencent Security Xuanwu LabJoshua Mason @jhu.edu) @josh Evgeny Kotkov visualsvn.com Evgeny Kotkov visualsvn.com Evgeny Kotkov visualsvn.com Evgeny Kotkov visualsvn.com Xuxiang Yang @another1024 Tencent Security Xuanwu LabGordon Long Computest Sector 7Thijs Alkemade @xnyhps Computest Sector 7Adam Chester TrustedSecYuebin Sun @yuebinsun2020 Tencent Security Xuanwu LabZhipeng Huo @R3dF09 Tencent Security Xuanwu LabBinoy Chitale Illinois at ChicagoMS student Illinois at ChicagoStony Brook University Illinois at ChicagoNick Nikiforakis Illinois at ChicagoAssociate Professor Illinois at ChicagoStony Brook University Illinois at ChicagoJason Polakis Illinois at ChicagoAssociate Professor Illinois at ChicagoUniversity Illinois at ChicagoMir Masood Ali Illinois at ChicagoPhD student Illinois at ChicagoUniversity Illinois at ChicagoChris Kanich Illinois at ChicagoAssociate Professor Illinois at ChicagoUniversity Illinois at Chicago Illinois at ChicagoMohammad Ghasemisharif Illinois at ChicagoPhD Candidate Illinois at ChicagoUniversity Illinois at ChicagoP1umer @p1umer Q1IQ @q1iqF Matthias Keller (m-keller.com) P1umer @p1umer afang @afang5472 xmzyshypnc @xmzyshypnc1 Dohyun Lee @l33d0hyun SSD Secure Disclosure LabsKorea Univ. Manfred Paul @_manfp Trend Micro Zero Day InitiativeJan Vojtesek Avast Threat Intelligence teamWang Yu CyberservalWang Yu CyberservalWang Yu CyberservalJeremy Legendre MacEnhanceNatalie Silvanovich Google Project ZeroWojciech Reguła @_r3ggi SecuRingMickey Jin @patch1t Trend MicroCsaba Fitzl @theevilbit Offensive SecurityMickey Jin @patch1t Trend MicroMohamed Ghannam @_simo36 Mohamed Ghannam @_simo36 Mohamed Ghannam @_simo36 Mohamed Ghannam @_simo36 Mohamed Ghannam @_simo36 Mickey Jin @patch1t Mickey Jin @patch1t Baidu SecurityYe Zhang @co0py_Cat Baidu SecurityMickey Jin @patch1t Trend MicroYe Zhang @co0py_Cat Baidu SecurityYe Zhang @co0py_Cat Baidu SecurityYe Zhang @co0py_Cat Baidu SecurityYe Zhang @co0py_Cat Baidu SecurityFerdous Saljooki @malwarezoo Jamf Softwarean anonymous researcher John Aakerblom @jaakerblom Zhipeng Huo @R3dF09 Tencent Security Xuanwu LabCsaba Fitzl @theevilbit Offensive SecurityAntonio Zekic @antoniozekic John Aakerblom @jaakerblom Daniel Lim Wee Soong STAR LabsJoshua Mason Mandiantan anonymous researcher John Aakerblom @jaakerblom Joshua Jones Dohyun Lee @l33d0hyun SSD Secure Disclosure LabsKorea Univ. Mickey Jin @patch1t Trend MicroIvan Fratric Google Project ZeroMickey Jin @patch1t hjy79425575 Yiğit Can YILMAZ @yilmazcanyigit ABC Research s.r.o Yinyi Wu @3ndy1 ABC Research s.r.o. Dongzhuo Zhao ADLab of Venustech Cyberpeace Tech CoZhaoHai Cyberpeace Tech CoLtd. Xinru Chi Pangu LabXinru Chi Pangu LabXinru Chi Pangu LabTingting Yin Tsinghua University Ant GroupMin Zheng Ant GroupHexhive (hexhive.epfl.ch) ChinaNCNIPC ChinaCVE-2022-32823 Pan ZhenPeng @Peterpan0927 Mickey Jin @patch1t Mickey Jin @patch1t Mickey Jin @patch1t Trend MicroKai Lu Zscaler's ThreatLabzan anonymous researcher Sreejith Krishnan R @skr0x1c0 Sreejith Krishnan R @skr0x1c0 Sreejith Krishnan R @skr0x1c0 Sreejith Krishnan R @skr0x1c0 Sreejith Krishnan R @skr0x1c0 Jeffrey Paul (sneak.berlin) Zhipeng Huo @R3dF09 Tencent Security Xuanwu LabJoshua Mason @jhu.edu) @josh Evgeny Kotkov visualsvn.com Evgeny Kotkov visualsvn.com Evgeny Kotkov visualsvn.com Evgeny Kotkov visualsvn.com Xuxiang Yang @another1024 Tencent Security Xuanwu LabGordon Long Computest Sector 7Thijs Alkemade @xnyhps Computest Sector 7Adam Chester TrustedSecYuebin Sun @yuebinsun2020 Tencent Security Xuanwu LabZhipeng Huo @R3dF09 Tencent Security Xuanwu LabBinoy Chitale Illinois at ChicagoMS student Illinois at ChicagoStony Brook University Illinois at ChicagoNick Nikiforakis Illinois at ChicagoAssociate Professor Illinois at ChicagoStony Brook University Illinois at ChicagoJason Polakis Illinois at ChicagoAssociate Professor Illinois at ChicagoUniversity Illinois at ChicagoMir Masood Ali Illinois at ChicagoPhD student Illinois at ChicagoUniversity Illinois at ChicagoChris Kanich Illinois at ChicagoAssociate Professor Illinois at ChicagoUniversity Illinois at Chicago Illinois at ChicagoMohammad Ghasemisharif Illinois at ChicagoPhD Candidate Illinois at ChicagoUniversity Illinois at ChicagoP1umer @p1umer Q1IQ @q1iqF Matthias Keller (m-keller.com) P1umer @p1umer afang @afang5472 xmzyshypnc @xmzyshypnc1 Dohyun Lee @l33d0hyun SSD Secure Disclosure LabsKorea Univ. Manfred Paul @_manfp Trend Micro Zero Day InitiativeJan Vojtesek Avast Threat Intelligence teamWang Yu CyberservalWang Yu CyberservalWang Yu CyberservalJeremy Legendre MacEnhance
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Apple watchOS | <8.7 | 8.7 |
| Apple iPadOS | <15.6 | |
| Apple iPhone OS | <15.6 | |
| Apple macOS | >=12.0<12.5 | |
| Apple watchOS | <8.7 | |
| Apple iOS | <15.6 | 15.6 |
| Apple iPadOS | <15.6 | 15.6 |
| Apple macOS Monterey | <12.5 | 12.5 |
| <12.5 | 12.5 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://support.apple.com/en-us/HT213340 (Advisory)
- https://support.apple.com/en-us/HT213345 (Advisory)
- https://support.apple.com/en-us/HT213346 (Advisory)
- https://support.apple.com/en-us/102891 (Advisory)
Peer vulnerabilities
(Found alongside the following vulnerabilities)
- CVE-2022-32832
- CVE-2022-32788
- CVE-2022-32824
- CVE-2022-32826
- CVE-2022-32845
- CVE-2022-32840
- CVE-2022-32810
- CVE-2022-32820
- CVE-2022-32825
- CVE-2022-32839
- CVE-2022-32819
- CVE-2022-32793
- CVE-2022-32821
- CVE-2022-32787
- CVE-2022-32841
- CVE-2022-48503
- CVE-2022-32813
- CVE-2022-32815
- CVE-2022-32817
- CVE-2022-32844
- CVE-2022-26981
- CVE-2022-32823
- CVE-2022-32814
- CVE-2022-32857
- CVE-2022-32863
- CVE-2022-32816
- CVE-2022-32792
- CVE-2022-32847
- CVE-2022-42805
- CVE-2022-32948
- CVE-2022-32829
- CVE-2022-32828
- CVE-2022-32855
- CVE-2022-32849
- CVE-2022-32802
- CVE-2022-32830
- CVE-2022-32785
- CVE-2022-26768
- CVE-2022-32838
- CVE-2022-32784
- CVE-2022-32885
- CVE-2022-2294
- CVE-2022-32860
- CVE-2022-32837
- CVE-2022-42858
- CVE-2022-32880
- CVE-2022-48578
- CVE-2022-32797
- CVE-2022-32851
- CVE-2022-32852
- CVE-2022-32853
- CVE-2022-32831
- CVE-2022-32910
- CVE-2022-32789
- CVE-2022-32805
- CVE-2022-32897
- CVE-2022-32811
- CVE-2022-32812
- CVE-2022-32786
- CVE-2022-32800
- CVE-2022-32843
- CVE-2022-46708
- CVE-2022-32796
- CVE-2022-32842
- CVE-2022-32798
- CVE-2022-32799
- CVE-2022-32818
- CVE-2022-32807
- CVE-2022-32801
- CVE-2021-28544
- CVE-2022-24070
- CVE-2022-29046
- CVE-2022-29048
- CVE-2022-32834
- CVE-2022-32933
- CVE-2022-32861
- CVE-2022-32848
Frequently Asked Questions
What is CVE-2022-32840?
CVE-2022-32840 is a vulnerability in Apple Neural Engine that has been addressed with improved checks.
Which software versions are affected by CVE-2022-32840?
CVE-2022-32840 affects macOS Monterey 12.5, iOS up to version 15.6, iPadOS up to version 15.6, and watchOS up to version 8.7.
How was CVE-2022-32840 addressed?
CVE-2022-32840 was addressed by implementing improved checks.
How can I fix CVE-2022-32840?
To fix CVE-2022-32840, update your software to the latest available version. For macOS Monterey, update to version 12.5 or later. For iOS and iPadOS, update to version 15.6 or later. For watchOS, update to version 8.7 or later.
Where can I find more information about CVE-2022-32840?
You can find more information about CVE-2022-32840 on the Apple support website. Here are the references: [link 1](https://support.apple.com/en-us/HT213345), [link 2](https://support.apple.com/en-us/HT213340), [link 3](https://support.apple.com/en-us/HT213346).
- agent/type
- agent/first-publish-date
- collector/apple-support
- agent/software-canonical-lookup-request
- collector/nvd-index
- agent/softwarecombine
- agent/severity
- alias/CVE-2022-32829
- source/Apple
- agent/software-canonical-lookup
- collector/mitre-cve
- source/MITRE
- agent/event
- agent/trending
- agent/source
- agent/tags
- alias/CVE-2022-32788
- alias/CVE-2022-32880
- alias/CVE-2022-32826
- alias/CVE-2022-42805
- alias/CVE-2022-32948
- alias/CVE-2022-32810
- alias/CVE-2022-32840
- alias/CVE-2022-32845
- alias/CVE-2022-48578
- alias/CVE-2022-32797
- alias/CVE-2022-32851
- alias/CVE-2022-32852
- alias/CVE-2022-32853
- alias/CVE-2022-32831
- alias/CVE-2022-32910
- alias/CVE-2022-32820
- alias/CVE-2022-32825
- alias/CVE-2022-32789
- alias/CVE-2022-32805
- alias/CVE-2022-32828
- alias/CVE-2022-32839
- alias/CVE-2022-32819
- alias/CVE-2022-32793
- alias/CVE-2022-32821
- alias/CVE-2022-32849
- alias/CVE-2022-32787
- alias/CVE-2022-32897
- alias/CVE-2022-32802
- alias/CVE-2022-32841
- alias/CVE-2022-32785
- alias/CVE-2022-32811
- alias/CVE-2022-32812
- alias/CVE-2022-48503
- alias/CVE-2022-32813
- alias/CVE-2022-32815
- alias/CVE-2022-32817
- alias/CVE-2022-26981
- alias/CVE-2022-32823
- alias/CVE-2022-32814
- alias/CVE-2022-32786
- alias/CVE-2022-32800
- alias/CVE-2022-32838
- alias/CVE-2022-32843
- alias/CVE-2022-46708
- alias/CVE-2022-32796
- alias/CVE-2022-32842
- alias/CVE-2022-32798
- alias/CVE-2022-32799
- alias/CVE-2022-32818
- alias/CVE-2022-32857
- alias/CVE-2022-32807
- alias/CVE-2022-32801
- alias/CVE-2021-28544
- alias/CVE-2022-24070
- alias/CVE-2022-29046
- alias/CVE-2022-29048
- alias/CVE-2022-32834
- alias/CVE-2022-32933
- alias/CVE-2022-32885
- alias/CVE-2022-32861
- alias/CVE-2022-32863
- alias/CVE-2022-32816
- alias/CVE-2022-32792
- alias/CVE-2022-2294
- alias/CVE-2022-32860
- alias/CVE-2022-32837
- alias/CVE-2022-32847
- alias/CVE-2022-32848
- alias/CVE-2022-32832
- agent/last-modified-date
- agent/weakness
- agent/references
- agent/author
- agent/description
- vendor/apple
- canonical/apple watchos
- canonical/apple ipados
- canonical/apple iphone os
- canonical/apple macos
- version/apple macos/12.0
- canonical/apple ios
- canonical/apple macos monterey