What is CVE-2022-42806?

CVE-2022-42806 is a vulnerability in IOKit that allows a race condition, which has been addressed with improved locking.

Who is affected by CVE-2022-42806?

The vulnerability affects Apple devices running macOS Ventura up to version 13, iOS up to version 16.1, and iPadOS up to version 16.

What is the severity of CVE-2022-42806?

The severity of CVE-2022-42806 is not specified.

How can I fix CVE-2022-42806?

To fix CVE-2022-42806, update your Apple device to the latest version of macOS Ventura 13, iOS 16.1, or iPadOS 16.

Where can I find more information about CVE-2022-42806?

More information about CVE-2022-42806 can be found on the Apple support website: [link1](https://support.apple.com/en-us/HT213489) and [link2](https://support.apple.com/en-us/HT213488).

Vulnerability/
CVE-2022-42806

high

CWE

362

24/10/2022

1/11/2022

3/8/2024

CVE-2022-42806: Race Condition

First published: Mon Oct 24 2022(Updated: )

A race condition was addressed with improved locking. This issue is fixed in iOS 16.1 and iPadOS 16, macOS Ventura 13. An app may be able to execute arbitrary code with kernel privileges.

Credit: Tingting Yin Tsinghua UniversityTingting Yin Tsinghua University product-security@apple.com

Affected Software	Affected Version	How to fix
	<13	13
Apple iOS	<16.1	16.1
Apple iPadOS	<16	16
Apple iPadOS	<16.0
Apple iPhone OS	<16.1
Apple macOS	<13.0

Never miss a vulnerability like this again

Reference Links

https://support.apple.com/en-us/HT213489 (Advisory)
https://support.apple.com/en-us/HT213488 (Advisory)
https://support.apple.com/kb/HT213488

Parent vulnerabilities

(Appears in the following advisories)

Peer vulnerabilities

(Found alongside the following vulnerabilities)

CVE-2022-32932
CVE-2022-42825
CVE-2022-32909
CVE-2022-42798
CVE-2022-32940
CVE-2022-32929
CVE-2022-42813
CVE-2022-32945
CVE-2022-32946
CVE-2022-32935
CVE-2022-32947
CVE-2022-32939
CVE-2022-42820
CVE-2022-42806
CVE-2022-46712
CVE-2022-32944
CVE-2022-42803
CVE-2022-32926
CVE-2022-42801
CVE-2022-32924
CVE-2022-42808
CVE-2022-42827
CVE-2022-42810
CVE-2022-46715
CVE-2022-42828
CVE-2022-32941
CVE-2022-42829
CVE-2022-42830
CVE-2022-42831
CVE-2022-42832
CVE-2022-42817
CVE-2022-42811
CVE-2022-32938
CVE-2022-42792
CVE-2022-42826
CVE-2022-42799
CVE-2022-42823
CVE-2022-42824
CVE-2022-32922
CVE-2022-32923
CVE-2022-32927
CVE-2022-37434
CVE-2022-42800
CVE-2022-42795
CVE-2022-48577
CVE-2022-32858
CVE-2022-32898
CVE-2022-32899
CVE-2022-46721
CVE-2022-47915
CVE-2022-47965
CVE-2022-32889
CVE-2022-32907
CVE-2022-32827
CVE-2022-32877
CVE-2022-42789
CVE-2022-46722
CVE-2022-32902
CVE-2022-32904
CVE-2022-32890
CVE-2022-42796
CVE-2022-42816
CVE-2022-42821
CVE-2022-42860
CVE-2022-42819
CVE-2022-26730
CVE-2022-42838
CVE-2022-48683
CVE-2022-22663
CVE-2022-32867
CVE-2022-32205
CVE-2022-32206
CVE-2022-32207
CVE-2022-32208
CVE-2022-42814
CVE-2022-32865
CVE-2022-32915
CVE-2022-32928
CVE-2022-22643
CVE-2022-42788
CVE-2022-48504
CVE-2022-32905
CVE-2022-42833
CVE-2022-42809
CVE-2022-3437
CVE-2022-32849
CVE-2022-32913
CVE-2022-32809
CVE-2022-1622
CVE-2022-32936
CVE-2022-32864
CVE-2022-32866
CVE-2022-32911
CVE-2022-32914
CVE-2022-42815
CVE-2022-42834
CVE-2022-46707
CVE-2022-32883
CVE-2022-32908
CVE-2021-39537
CVE-2022-29458
CVE-2022-42818
CVE-2022-32879
CVE-2022-32895
CVE-2022-46713
CVE-2022-42807
CVE-2022-32918
CVE-2022-28739
CVE-2022-32881
CVE-2022-32862
CVE-2022-32931
CVE-2022-42793
CVE-2022-32876
CVE-2022-42790
CVE-2022-32870
CVE-2022-32934
CVE-2022-42791
CVE-2021-36690
CVE-2022-48505
CVE-2022-26699
CVE-2022-0261
CVE-2022-0318
CVE-2022-0319
CVE-2022-0351
CVE-2022-0359
CVE-2022-0361
CVE-2022-0368
CVE-2022-0392
CVE-2022-0554
CVE-2022-0572
CVE-2022-0629
CVE-2022-0685
CVE-2022-0696
CVE-2022-0714
CVE-2022-0729
CVE-2022-0943
CVE-2022-1381
CVE-2022-1420
CVE-2022-1725
CVE-2022-1616
CVE-2022-1619
CVE-2022-1620
CVE-2022-1621
CVE-2022-1629
CVE-2022-1674
CVE-2022-1733
CVE-2022-1735
CVE-2022-1769
CVE-2022-1927
CVE-2022-1942
CVE-2022-1968
CVE-2022-1851
CVE-2022-1897
CVE-2022-1898
CVE-2022-1720
CVE-2022-2000
CVE-2022-2042
CVE-2022-2124
CVE-2022-2125
CVE-2022-2126
CVE-2022-32875
CVE-2022-32886
CVE-2022-32888
CVE-2022-32912
CVE-2022-32892
CVE-2022-32833
CVE-2022-46709

Frequently Asked Questions

What is CVE-2022-42806?
CVE-2022-42806 is a vulnerability in IOKit that allows a race condition, which has been addressed with improved locking.
Who is affected by CVE-2022-42806?
The vulnerability affects Apple devices running macOS Ventura up to version 13, iOS up to version 16.1, and iPadOS up to version 16.
What is the severity of CVE-2022-42806?
The severity of CVE-2022-42806 is not specified.
How can I fix CVE-2022-42806?
To fix CVE-2022-42806, update your Apple device to the latest version of macOS Ventura 13, iOS 16.1, or iPadOS 16.
Where can I find more information about CVE-2022-42806?
More information about CVE-2022-42806 can be found on the Apple support website: [link1](https://support.apple.com/en-us/HT213489) and [link2](https://support.apple.com/en-us/HT213488).

agent/first-publish-date
agent/type
agent/severity
agent/weakness
agent/author
agent/softwarecombine
collector/apple-support
source/Apple
agent/software-canonical-lookup-request
agent/software-canonical-lookup
agent/event
agent/description
collector/nvd-index
agent/references
agent/last-modified-date
agent/tags
collector/mitre-cve
source/MITRE
vendor/apple
canonical/apple ios
canonical/apple ipados
canonical/apple iphone os
canonical/apple macos
canonical/apple macos ventura

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.