First published: Tue Dec 13 2022(Updated: )
An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in iOS 16.2 and iPadOS 16.2, iOS 15.7.2 and iPadOS 15.7.2, tvOS 16.2, watchOS 9.2. Parsing a maliciously crafted video file may lead to kernel code execution.
Credit: product-security@apple.com Andrey Labunets Nikita Tarakanov Andrey Labunets Nikita Tarakanov Andrey Labunets Nikita Tarakanov Andrey Labunets Nikita Tarakanov product-security@apple.com
Affected Software | Affected Version | How to fix |
---|---|---|
Apple iPadOS | <15.7.2 | |
Apple iPadOS | >=16.0<16.2 | |
Apple iPhone OS | <15.7.2 | |
Apple iPhone OS | >=16.0<16.2 | |
Apple tvOS | <16.2 | |
Apple watchOS | <9.2 | |
Apple tvOS | <16.2 | 16.2 |
Apple iOS | <15.7.2 | 15.7.2 |
Apple iPadOS | <15.7.2 | 15.7.2 |
Apple watchOS | <9.2 | 9.2 |
Apple iOS | <16.2 | 16.2 |
Apple iPadOS | <16.2 | 16.2 |
<15.7.2 | ||
>=16.0<16.2 | ||
<15.7.2 | ||
>=16.0<16.2 | ||
<16.2 | ||
<9.2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Found alongside the following vulnerabilities)
CVE-2022-46694 is an out-of-bounds write issue in AppleAVD that has been addressed with improved input validation.
CVE-2022-46694 affects Apple iOS up to version 16.2, Apple iPadOS up to version 16.2, Apple iOS up to version 15.7.2, Apple iPadOS up to version 15.7.2, Apple watchOS up to version 9.2, and Apple tvOS up to version 16.2.
The severity of CVE-2022-46694 is not provided in the information available.
To fix CVE-2022-46694, update your Apple device to the latest available version of the affected software listed in the description.
More information about CVE-2022-46694 can be found on the following links: - [Apple Support - CVE-2022-46694](https://support.apple.com/en-us/HT213530) - [Apple Support - CVE-2022-46694](https://support.apple.com/en-us/HT213531) - [Apple Support - CVE-2022-46694](https://support.apple.com/en-us/HT213536)