First published: Mon Oct 24 2022(Updated: )
A type confusion issue was addressed with improved memory handling. This issue is fixed in tvOS 16.1, macOS Ventura 13, watchOS 9.1, Safari 16.1, iOS 16.1 and iPadOS 16. Processing maliciously crafted web content may lead to arbitrary code execution.
Credit: product-security@apple.com
Affected Software | Affected Version | How to fix |
---|---|---|
<13 | 13 | |
Apple iOS | <16.1 | 16.1 |
Apple iPadOS | <16 | 16 |
Apple watchOS | <9.1 | 9.1 |
Apple tvOS | <16.1 | 16.1 |
Apple macOS Monterey | <12.6.1 | 12.6.1 |
Apple Safari | <16.1 | 16.1 |
Apple Safari | <16.1 | |
Apple iPadOS | <16.0 | |
Apple iPhone OS | <16.1 | |
Apple macOS | <13.0 | |
Apple tvOS | <16.1 | |
Apple watchOS | <9.1 | |
Fedoraproject Fedora | =35 | |
Fedoraproject Fedora | =36 | |
Fedoraproject Fedora | =37 | |
Debian Debian Linux | =10.0 | |
Debian Debian Linux | =11.0 | |
debian/webkit2gtk | <=2.36.4-1~deb10u1 | 2.38.6-0+deb10u1 2.40.5-1~deb11u1 2.42.1-1~deb11u2 2.40.5-1~deb12u1 2.42.1-1~deb12u1 2.42.1-2 |
debian/wpewebkit | 2.38.6-1~deb11u1 2.38.6-1 2.42.1-1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Appears in the following advisories)
(Found alongside the following vulnerabilities)
The vulnerability ID is CVE-2022-42823.
The vulnerability affects Apple macOS Monterey up to version 12.6.1, Apple iOS up to version 16.1, Apple iPadOS up to version 16, Apple watchOS up to version 9.1, Apple Safari up to version 16.1, Apple tvOS up to version 16.1, and Apple macOS Ventura up to version 13.
The impact of this vulnerability is a type confusion issue that could lead to arbitrary code execution.
To fix this vulnerability, update your software to the latest version available, as specified in the Apple security advisory.
You can find more information about this vulnerability in the Apple security advisory linked in the references section.