Apple arms high-end MacBook Pro notebooks with M1 Pro, M1 Max processors.To judge by numerous Apple support discussion threads and posts to social media forums, more than a few people are having problems. Impact: Processing maliciously crafted web content may lead to arbitrary code executionĭescription: An out-of-bounds write issue was addressed with improved bounds checking.In 2019, some were disparaging macOS Catalina as " a trash fire." That year, according to a small survey conducted by veteran Apple reporter Jason Snell, Cupertino's software quality scored a D+ in the US school grading scheme in 2020, survey respondents gave Apple a grade of B. Impact: Processing a maliciously crafted file may lead to a denial-of-service or potentially disclose memory contentsĭescription: This issue was addressed with improved checks. Impact: Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code executionĭescription: An out-of-bounds write issue was addressed with improved input validation. Impact: A remote user may be able to cause kernel code execution Impact: A user may be able to view restricted content from the lock screenĬVE-2022-42790: Om kothawade of Zaprico Digital Impact: An app may be able to bypass code signing checksĬVE-2022-42793: Linus Henze of Pinauten GmbH () Impact: An app may be able to modify protected parts of the file systemĬVE-2022-32881: Csaba Fitzl of Offensive Security Impact: An app may be able to gain elevated privilegesĬVE-2022-32900: Mickey Jin for: macOS Monterey Impact: A user in a privileged network position may be able to track user activityĭescription: This issue was addressed with improved data protection.ĬVE-2022-42818: Gustav Hansen from WithSecure Impact: A user may be able to cause unexpected app termination or arbitrary code executionĭescription: A buffer overflow was addressed with improved bounds checking. Impact: A user may be able to elevate privilegesĭescription: A memory corruption issue was addressed with improved input validation. Apple is aware of a report that this issue may have been actively exploited.ĭescription: A logic issue was addressed with improved restrictions.ĬVE-2022-32883: Ron Masas of Impact: An application may be able to execute arbitrary code with kernel privileges. Impact: An app may be able to disclose kernel memoryĬVE-2022-32864: Linus Henze of Pinauten GmbH () Impact: An app may be able to execute arbitrary code with kernel privilegesĭescription: A use after free issue was addressed with improved memory management.ĭescription: The issue was addressed with improved memory handling.ĬVE-2022-32866: Linus Henze of Pinauten GmbH ()ĬVE-2022-32924: Ian Beer of Google Project Zero Impact: Connecting to a malicious NFS server may lead to arbitrary code execution with kernel privilegesĭescription: The issue was addressed with improved bounds checks. Impact: A user may be able to view sensitive user informationĭescription: This issue was addressed by enabling hardened runtime.ĬVE-2022-32896: Wojciech Reguła for: macOS Monterey Impact: A sandboxed app may be able to determine which app is currently using the cameraĭescription: The issue was addressed with additional restrictions on the observability of app states.ĬVE-2022-32913: Yiğit Can YILMAZ added October 27, 2022 Impact: Processing an image may lead to a denial-of-serviceĭescription: A denial-of-service issue was addressed with improved validation. Impact: An app may be able to read sensitive location informationĭescription: An access issue was addressed with improved access restrictions.ĭescription: A configuration issue was addressed with additional restrictions.ĬVE-2022-32877: Wojciech Reguła of SecuRing Impact: An app may be able to bypass Privacy preferencesĭescription: A logic issue was addressed with improved state management.ĬVE-2022-32902: Mickey Jin added October 27, 2022ĭescription: An access issue was addressed with additional sandbox restrictions.ĬVE-2022-32904: Mickey Jin added October 27, 2022ĬVE-2022-32902: Mickey Jin for: macOS Monterey Impact: An app may be able to access user-sensitive dataĭescription: An issue in code signature validation was addressed with improved checks.ĬVE-2022-42789: Koh M.
0 Comments
Leave a Reply. |