CVE-2022-42792: Race Condition
First published: Mon Oct 24 2022(Updated: )
Apple Neural Engine. The issue was addressed with improved memory handling.
Credit: Csaba Fitzl @theevilbit Offensive SecurityJonathan Zhang Open Computing FacilityGuilherme Rambo Best Buddy AppsBistrit Dahal Asahi Lina @LinaAsahi Willy R. Vasquez The University of Texas at AustinPeter Pan ZhenPeng STAR LabsTingting Yin Tsinghua UniversityTommy Muir @Muirey03 Tim Michaud @TimGMichaud MoveworksXinru Chi Pangu LabJohn Aakerblom @jaakerblom Ian Beer Google Project ZeroZweig Kunlun Laban anonymous researcher Xingwei Lin @xwlin_roy Ant Security LightYinyi Wu Ant Security LightIES Red Team ByteDanceMir Masood Ali Illinois at ChicagoPhD student Illinois at ChicagoUniversity Illinois at ChicagoMS student Illinois at ChicagoStony Brook University; Mohammad Ghasemisharif Illinois at ChicagoPhD Candidate Illinois at ChicagoAssociate Professor Illinois at ChicagoStony Brook University; Jason Polakis Illinois at ChicagoJustin Bui @slyd0g SnowflakeCristian Dinca Tudor Vianu National High School of Computer Science ofFrancisco Alonso @revskills Jihwan Kim @gPayl0ad Dohyun Lee @l33d0hyun Dohyun Lee @l33d0hyun SSD LabsAbdulrahman Alqabandi Microsoft Browser Vulnerability ResearchRyan Shin IAAI SecLab at Korea UniversityDohyun Lee @l33d0hyun DNSLab at Korea UniversityYonghwi Jin at Theori @jinmo123 Trend Micro Zero Day InitiativeWonyoung Jung @nonetype_pwn KAIST Hacking LabDr Hideaki Goto Tohoku UniversityJapan Evgeny Legerov Mickey Jin @patch1t Anonymous Trend Micro Zero Day InitiativeABC Research s.r.o. Mohamed Ghannam @_simo36 product-security@apple.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Apple iOS, iPadOS, and watchOS | <16.1 | 16.1 |
| Apple iOS, iPadOS, and watchOS | <16 | 16 |
| Apple iOS, iPadOS, and watchOS | <16.0 | |
| iStyle @cosme iPhone OS | <16.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://support.apple.com/en-us/HT213489 (Advisory)
- https://support.apple.com/en-us/102793 (Advisory)
Peer vulnerabilities
(Found alongside the following vulnerabilities)
- CVE-2022-32932
- CVE-2022-42825
- CVE-2022-32909
- CVE-2022-42798
- CVE-2022-32940
- CVE-2022-32929
- CVE-2022-42813
- CVE-2022-32945
- CVE-2022-32946
- CVE-2022-32935
- CVE-2022-32947
- CVE-2022-32939
- CVE-2022-42820
- CVE-2022-42806
- CVE-2022-46712
- CVE-2022-32944
- CVE-2022-42803
- CVE-2022-32926
- CVE-2022-42801
- CVE-2022-32924
- CVE-2022-42808
- CVE-2022-42827
- CVE-2022-42810
- CVE-2022-46715
- CVE-2022-42828
- CVE-2022-32941
- CVE-2022-42829
- CVE-2022-42830
- CVE-2022-42831
- CVE-2022-42832
- CVE-2022-42817
- CVE-2022-42811
- CVE-2022-32938
- CVE-2022-42792
- CVE-2022-42826
- CVE-2022-42799
- CVE-2022-42823
- CVE-2022-42824
- CVE-2022-32922
- CVE-2022-32923
- CVE-2022-32927
- CVE-2022-37434
- CVE-2022-42800
Frequently Asked Questions
What is CVE-2022-42792?
CVE-2022-42792 is a vulnerability related to weather data protection in Apple iOS and iPadOS.
What is the severity of CVE-2022-42792?
The severity of CVE-2022-42792 is not provided in the available information.
How does CVE-2022-42792 impact Apple iOS and iPadOS?
CVE-2022-42792 impacts Apple iOS and iPadOS by exposing a vulnerability in weather data protection.
How can I fix CVE-2022-42792?
You can fix CVE-2022-42792 by updating your Apple iOS or iPadOS device to version 16.1 or higher.
Where can I find more information about CVE-2022-42792?
You can find more information about CVE-2022-42792 on the Apple support website at the following link: [Apple Support](https://support.apple.com/en-us/HT213489)
- agent/type
- agent/first-publish-date
- agent/severity
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/trending
- agent/source
- agent/event
- agent/weakness
- agent/description
- agent/references
- agent/author
- collector/apple-support
- source/Apple
- alias/CVE-2022-32945
- alias/CVE-2022-32946
- alias/CVE-2022-32935
- alias/CVE-2022-32947
- alias/CVE-2022-32939
- alias/CVE-2022-42820
- alias/CVE-2022-42806
- alias/CVE-2022-46712
- alias/CVE-2022-32944
- alias/CVE-2022-42803
- alias/CVE-2022-32926
- alias/CVE-2022-42801
- alias/CVE-2022-32924
- alias/CVE-2022-42808
- alias/CVE-2022-42827
- alias/CVE-2022-42810
- alias/CVE-2022-46715
- alias/CVE-2022-42828
- alias/CVE-2022-32941
- alias/CVE-2022-42829
- alias/CVE-2022-42830
- alias/CVE-2022-42831
- alias/CVE-2022-42832
- alias/CVE-2022-42817
- alias/CVE-2022-42811
- alias/CVE-2022-32938
- alias/CVE-2022-42792
- alias/CVE-2022-42826
- alias/CVE-2022-42799
- alias/CVE-2022-42823
- alias/CVE-2022-42824
- alias/CVE-2022-32922
- alias/CVE-2022-32923
- alias/CVE-2022-32927
- alias/CVE-2022-37434
- alias/CVE-2022-42800
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- alias/CVE-2022-32929
- alias/CVE-2022-42813
- alias/CVE-2022-32940
- alias/CVE-2022-32909
- alias/CVE-2022-42798
- alias/CVE-2022-42825
- agent/softwarecombine
- agent/tags
- collector/nvd-api
- source/NVD
- collector/nvd-index
- vendor/apple
- canonical/apple ios, ipados, and watchos
- canonical/istyle @cosme iphone os