What is CVE-2022-42791?

CVE-2022-42791 is a vulnerability related to race condition in the software update process, which has been addressed with improved state handling.

Who is affected by CVE-2022-42791?

The vulnerability affects users of Apple iOS versions up to (but not including) 16 and macOS Ventura versions up to (but not including) 13.

What is the severity of CVE-2022-42791?

The severity of CVE-2022-42791 is not provided in the information provided.

How do I fix CVE-2022-42791 on Apple iOS?

To fix CVE-2022-42791 on Apple iOS, update your device to the latest version of iOS, which is 16 or later.

How do I fix CVE-2022-42791 on macOS Ventura?

To fix CVE-2022-42791 on macOS Ventura, update your device to the latest version of macOS Ventura, which is 13 or later.

Vulnerability/
CVE-2022-42791

high

CWE

362

12/9/2022

1/11/2022

16/1/2024

CVE-2022-42791: Race Condition

First published: Mon Sep 12 2022(Updated: )

A race condition was addressed with improved state handling. This issue is fixed in macOS Ventura 13. An app may be able to execute arbitrary code with kernel privileges.

Credit: Mickey Jin @patch1t Trend MicroMickey Jin @patch1t Trend Micro product-security@apple.com

Affected Software	Affected Version	How to fix
Apple iOS	<16	16
	<13	13
Apple iPhone OS	<16.0
Apple macOS	<13.0

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

(Appears in the following advisories)

Peer vulnerabilities

(Found alongside the following vulnerabilities)

CVE-2022-42795
CVE-2022-48577
CVE-2022-32858
CVE-2022-32898
CVE-2022-32899
CVE-2022-46721
CVE-2022-47915
CVE-2022-47965
CVE-2022-32889
CVE-2022-32907
CVE-2022-32827
CVE-2022-32877
CVE-2022-42789
CVE-2022-42825
CVE-2022-46722
CVE-2022-32902
CVE-2022-32904
CVE-2022-32890
CVE-2022-42796
CVE-2022-42798
CVE-2022-32940
CVE-2022-42816
CVE-2022-42821
CVE-2022-42860
CVE-2022-42819
CVE-2022-42813
CVE-2022-26730
CVE-2022-32945
CVE-2022-42838
CVE-2022-22663
CVE-2022-32867
CVE-2022-32205
CVE-2022-32206
CVE-2022-32207
CVE-2022-32208
CVE-2022-42814
CVE-2022-32865
CVE-2022-32915
CVE-2022-32928
CVE-2022-22643
CVE-2022-32935
CVE-2022-42788
CVE-2022-48504
CVE-2022-32905
CVE-2022-42833
CVE-2022-32947
CVE-2022-42809
CVE-2022-3437
CVE-2022-32849
CVE-2022-32913
CVE-2022-32809
CVE-2022-1622
CVE-2022-32936
CVE-2022-42820
CVE-2022-42806
CVE-2022-32864
CVE-2022-32866
CVE-2022-32911
CVE-2022-32924
CVE-2022-32914
CVE-2022-42808
CVE-2022-32944
CVE-2022-42803
CVE-2022-32926
CVE-2022-42801
CVE-2022-46712
CVE-2022-42815
CVE-2022-42834
CVE-2022-46707
CVE-2022-32883
CVE-2022-32908
CVE-2022-42810
CVE-2021-39537
CVE-2022-29458
CVE-2022-42818
CVE-2022-32879
CVE-2022-32895
CVE-2022-46713
CVE-2022-42807
CVE-2022-32918
CVE-2022-42829
CVE-2022-42830
CVE-2022-42831
CVE-2022-42832
CVE-2022-32941
CVE-2022-28739
CVE-2022-32881
CVE-2022-32862
CVE-2022-32931
CVE-2022-42811
CVE-2022-42793
CVE-2022-32876
CVE-2022-32938
CVE-2022-42790
CVE-2022-32870
CVE-2022-32934
CVE-2022-42791
CVE-2021-36690
CVE-2022-48505
CVE-2022-26699
CVE-2022-0261
CVE-2022-0318
CVE-2022-0319
CVE-2022-0351
CVE-2022-0359
CVE-2022-0361
CVE-2022-0368
CVE-2022-0392
CVE-2022-0554
CVE-2022-0572
CVE-2022-0629
CVE-2022-0685
CVE-2022-0696
CVE-2022-0714
CVE-2022-0729
CVE-2022-0943
CVE-2022-1381
CVE-2022-1420
CVE-2022-1725
CVE-2022-1616
CVE-2022-1619
CVE-2022-1620
CVE-2022-1621
CVE-2022-1629
CVE-2022-1674
CVE-2022-1733
CVE-2022-1735
CVE-2022-1769
CVE-2022-1927
CVE-2022-1942
CVE-2022-1968
CVE-2022-1851
CVE-2022-1897
CVE-2022-1898
CVE-2022-1720
CVE-2022-2000
CVE-2022-2042
CVE-2022-2124
CVE-2022-2125
CVE-2022-2126
CVE-2022-42828
CVE-2022-32875
CVE-2022-42826
CVE-2022-32886
CVE-2022-32888
CVE-2022-32912
CVE-2022-42799
CVE-2022-42823
CVE-2022-42824
CVE-2022-32923
CVE-2022-32922
CVE-2022-32892
CVE-2022-32833
CVE-2022-46709
CVE-2022-37434
CVE-2022-42800
CVE-2022-32909
CVE-2022-32854
CVE-2022-32793
CVE-2022-26744
CVE-2022-32903
CVE-2022-32887
CVE-2022-32916
CVE-2022-32917
CVE-2022-32795
CVE-2022-32868
CVE-2022-32872
CVE-2022-32871
CVE-2022-32859
CVE-2022-32835
CVE-2022-32891
CVE-2022-32925

Frequently Asked Questions

What is CVE-2022-42791?
CVE-2022-42791 is a vulnerability related to race condition in the software update process, which has been addressed with improved state handling.
Who is affected by CVE-2022-42791?
The vulnerability affects users of Apple iOS versions up to (but not including) 16 and macOS Ventura versions up to (but not including) 13.
What is the severity of CVE-2022-42791?
The severity of CVE-2022-42791 is not provided in the information provided.
How do I fix CVE-2022-42791 on Apple iOS?
To fix CVE-2022-42791 on Apple iOS, update your device to the latest version of iOS, which is 16 or later.
How do I fix CVE-2022-42791 on macOS Ventura?
To fix CVE-2022-42791 on macOS Ventura, update your device to the latest version of macOS Ventura, which is 13 or later.

collector/nvd-index
agent/type
agent/last-modified-date
agent/first-publish-date
agent/softwarecombine
collector/apple-support
source/Apple
agent/software-canonical-lookup
agent/event
agent/references
agent/weakness
agent/severity
agent/author
agent/tags
agent/description
vendor/apple
canonical/apple iphone os
canonical/apple macos
canonical/apple macos ventura
canonical/apple ios

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.