CVE-2022-32886: Buffer Overflow
First published: Mon Sep 12 2022(Updated: )
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in Safari 16, iOS 16, iOS 15.7 and iPadOS 15.7. Processing maliciously crafted web content may lead to arbitrary code execution.
Credit: product-security@apple.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Apple Safari | <16 | 16 |
| Apple iOS | <15.7 | 15.7 |
| Apple iPadOS | <15.7 | 15.7 |
| Apple iOS | <16 | 16 |
| Apple watchOS | <9 | 9 |
| Apple tvOS | <16 | 16 |
| <13 | 13 | |
| Apple Safari | <16.0 | |
| Apple iPadOS | <15.7 | |
| Apple iPhone OS | <15.7 | |
| Fedoraproject Fedora | =35 | |
| Fedoraproject Fedora | =36 | |
| Fedoraproject Fedora | =37 | |
| Debian Debian Linux | =10.0 | |
| Debian Debian Linux | =11.0 | |
| debian/webkit2gtk | <=2.36.4-1~deb10u1 | 2.38.6-0+deb10u1 2.40.5-1~deb11u1 2.42.1-1~deb11u2 2.40.5-1~deb12u1 2.42.1-1~deb12u1 2.42.1-2 |
| debian/wpewebkit | 2.38.6-1~deb11u1 2.38.6-1 2.42.1-1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://seclists.org/fulldisclosure/2022/Oct/28
- http://seclists.org/fulldisclosure/2022/Oct/39
- http://seclists.org/fulldisclosure/2022/Oct/41
- https://lists.debian.org/debian-lts-announce/2022/09/msg00034.html
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/74MXH2U5GA4CX3L3NLYP4TBO4O2VOPBJ/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KDV6OLKDTL55NH4LNSMLQ4D6LLSX6JU2/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TDNT32WIARRD2ANWKGCTTIQXI6OII7HZ/
- https://security.gentoo.org/glsa/202305-32
- https://support.apple.com/en-us/HT213442 (Advisory)
- https://support.apple.com/en-us/HT213445 (Advisory)
- https://support.apple.com/en-us/HT213446 (Advisory)
- https://www.debian.org/security/2022/dsa-5240
- https://www.debian.org/security/2022/dsa-5241
- https://webkitgtk.org/security/WSA-2022-0009.html
- https://security-tracker.debian.org/tracker/CVE-2022-32886
- https://support.apple.com/en-us/HT213487 (Advisory)
- https://support.apple.com/kb/HT213445
- https://support.apple.com/en-us/HT213488 (Advisory)
- https://support.apple.com/kb/HT213446
- https://support.apple.com/en-us/HT213486 (Advisory)
Parent vulnerabilities
(Appears in the following advisories)
Peer vulnerabilities
(Found alongside the following vulnerabilities)
- CVE-2022-32868
- CVE-2022-32886
- CVE-2022-32912
- CVE-2022-32891
- CVE-2022-32892
- CVE-2022-32833
- CVE-2022-42795
- CVE-2022-32907
- CVE-2022-32903
- CVE-2022-1622
- CVE-2022-32913
- CVE-2022-32949
- CVE-2022-32864
- CVE-2022-32866
- CVE-2022-32911
- CVE-2022-32914
- CVE-2022-32908
- CVE-2022-32879
- CVE-2022-32881
- CVE-2021-36690
- CVE-2022-32888
- CVE-2022-46709
- CVE-2022-32925
- CVE-2022-32827
- CVE-2022-32877
- CVE-2022-32858
- CVE-2022-32898
- CVE-2022-32899
- CVE-2022-32889
- CVE-2022-32909
- CVE-2022-32854
- CVE-2022-32867
- CVE-2022-32865
- CVE-2022-32928
- CVE-2022-22643
- CVE-2022-32793
- CVE-2022-26744
- CVE-2022-32887
- CVE-2022-32916
- CVE-2022-32917
- CVE-2022-32883
- CVE-2022-32918
- CVE-2022-32795
- CVE-2022-42793
- CVE-2022-32872
- CVE-2022-42790
- CVE-2022-32871
- CVE-2022-32870
- CVE-2022-42791
- CVE-2022-32859
- CVE-2022-32835
- CVE-2022-32875
- CVE-2022-32894
- CVE-2022-32893
- CVE-2022-42796
- CVE-2022-32929
- CVE-2022-48577
- CVE-2022-46721
- CVE-2022-47915
- CVE-2022-47965
- CVE-2022-42789
- CVE-2022-42825
- CVE-2022-46722
- CVE-2022-32902
- CVE-2022-32904
- CVE-2022-32890
- CVE-2022-42798
- CVE-2022-32940
- CVE-2022-42816
- CVE-2022-42821
- CVE-2022-42860
- CVE-2022-42819
- CVE-2022-42813
- CVE-2022-26730
- CVE-2022-32945
- CVE-2022-42838
- CVE-2022-48683
- CVE-2022-22663
- CVE-2022-32205
- CVE-2022-32206
- CVE-2022-32207
- CVE-2022-32208
- CVE-2022-42814
- CVE-2022-32915
- CVE-2022-32935
- CVE-2022-42788
- CVE-2022-48504
- CVE-2022-32905
- CVE-2022-42833
- CVE-2022-32947
- CVE-2022-42809
- CVE-2022-3437
- CVE-2022-32849
- CVE-2022-32809
- CVE-2022-32936
- CVE-2022-42820
- CVE-2022-42806
- CVE-2022-32924
- CVE-2022-42808
- CVE-2022-32944
- CVE-2022-42803
- CVE-2022-32926
- CVE-2022-42801
- CVE-2022-46712
- CVE-2022-42815
- CVE-2022-42834
- CVE-2022-46707
- CVE-2022-42810
- CVE-2021-39537
- CVE-2022-29458
- CVE-2022-42818
- CVE-2022-32895
- CVE-2022-46713
- CVE-2022-42807
- CVE-2022-42829
- CVE-2022-42830
- CVE-2022-42831
- CVE-2022-42832
- CVE-2022-32941
- CVE-2022-28739
- CVE-2022-32862
- CVE-2022-32931
- CVE-2022-42811
- CVE-2022-32876
- CVE-2022-32938
- CVE-2022-32934
- CVE-2022-48505
- CVE-2022-26699
- CVE-2022-0261
- CVE-2022-0318
- CVE-2022-0319
- CVE-2022-0351
- CVE-2022-0359
- CVE-2022-0361
- CVE-2022-0368
- CVE-2022-0392
- CVE-2022-0554
- CVE-2022-0572
- CVE-2022-0629
- CVE-2022-0685
- CVE-2022-0696
- CVE-2022-0714
- CVE-2022-0729
- CVE-2022-0943
- CVE-2022-1381
- CVE-2022-1420
- CVE-2022-1725
- CVE-2022-1616
- CVE-2022-1619
- CVE-2022-1620
- CVE-2022-1621
- CVE-2022-1629
- CVE-2022-1674
- CVE-2022-1733
- CVE-2022-1735
- CVE-2022-1769
- CVE-2022-1927
- CVE-2022-1942
- CVE-2022-1968
- CVE-2022-1851
- CVE-2022-1897
- CVE-2022-1898
- CVE-2022-1720
- CVE-2022-2000
- CVE-2022-2042
- CVE-2022-2124
- CVE-2022-2125
- CVE-2022-2126
- CVE-2022-42828
- CVE-2022-42826
- CVE-2022-42799
- CVE-2022-42823
- CVE-2022-42824
- CVE-2022-32923
- CVE-2022-32922
- CVE-2022-37434
- CVE-2022-42800
Frequently Asked Questions
What is CVE-2022-32886?
CVE-2022-32886 is a buffer overflow vulnerability in WebKit that has been addressed with improved memory handling.
Which software are affected by CVE-2022-32886?
CVE-2022-32886 affects Apple iOS (up to version 16), Apple iPadOS (up to version 15.7), Apple tvOS (up to version 16), Apple watchOS (up to version 9), Apple Safari (up to version 16), and macOS Ventura (up to version 13).
What is the severity of CVE-2022-32886?
The severity of CVE-2022-32886 is not specified.
How can I fix CVE-2022-32886?
To fix CVE-2022-32886, it is recommended to update to the latest version of the affected software. Please refer to the references provided for specific remediation steps.
Where can I find more information about CVE-2022-32886?
You can find more information about CVE-2022-32886 on the official Apple support website. Please refer to the provided references.
- collector/security-tracker-debian
- collector/apple-support
- agent/type
- agent/first-publish-date
- agent/software-canonical-lookup-request
- agent/author
- agent/weakness
- agent/severity
- agent/softwarecombine
- agent/event
- source/Apple
- agent/software-canonical-lookup
- agent/references
- agent/description
- collector/nvd-index
- agent/last-modified-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- package-manager/debian
- vendor/apple
- canonical/apple safari
- canonical/apple tvos
- canonical/apple ios
- canonical/apple watchos
- canonical/apple ipados
- canonical/apple iphone os
- vendor/fedoraproject
- canonical/fedoraproject fedora
- version/fedoraproject fedora/35
- version/fedoraproject fedora/36
- version/fedoraproject fedora/37
- vendor/debian
- canonical/debian debian linux
- version/debian debian linux/10.0
- version/debian debian linux/11.0