First published: Mon Oct 24 2022(Updated: )
A race condition was addressed with improved locking. This issue is fixed in iOS 16.1 and iPadOS 16, macOS Ventura 13. An app may be able to execute arbitrary code with kernel privileges.
Credit: Tingting Yin Tsinghua UniversityTingting Yin Tsinghua University product-security@apple.com
Affected Software | Affected Version | How to fix |
---|---|---|
<13 | 13 | |
Apple iOS | <16.1 | 16.1 |
Apple iPadOS | <16 | 16 |
Apple iPadOS | <16.0 | |
Apple iPhone OS | <16.1 | |
Apple macOS | <13.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Found alongside the following vulnerabilities)
CVE-2022-42806 is a vulnerability in IOKit that allows a race condition, which has been addressed with improved locking.
The vulnerability affects Apple devices running macOS Ventura up to version 13, iOS up to version 16.1, and iPadOS up to version 16.
The severity of CVE-2022-42806 is not specified.
To fix CVE-2022-42806, update your Apple device to the latest version of macOS Ventura 13, iOS 16.1, or iPadOS 16.
More information about CVE-2022-42806 can be found on the Apple support website: [link1](https://support.apple.com/en-us/HT213489) and [link2](https://support.apple.com/en-us/HT213488).