First published: Mon Sep 12 2022(Updated: )
A race condition was addressed with improved state handling. This issue is fixed in macOS Ventura 13. An app may be able to execute arbitrary code with kernel privileges.
Credit: Mickey Jin @patch1t Trend MicroMickey Jin @patch1t Trend Micro product-security@apple.com
Affected Software | Affected Version | How to fix |
---|---|---|
Apple iOS | <16 | 16 |
<13 | 13 | |
Apple iPhone OS | <16.0 | |
Apple macOS | <13.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Found alongside the following vulnerabilities)
CVE-2022-42791 is a vulnerability related to race condition in the software update process, which has been addressed with improved state handling.
The vulnerability affects users of Apple iOS versions up to (but not including) 16 and macOS Ventura versions up to (but not including) 13.
The severity of CVE-2022-42791 is not provided in the information provided.
To fix CVE-2022-42791 on Apple iOS, update your device to the latest version of iOS, which is 16 or later.
To fix CVE-2022-42791 on macOS Ventura, update your device to the latest version of macOS Ventura, which is 13 or later.