CVE-2022-32886

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in Safari 16, iOS 16, iOS 15.7 and iPadOS 15.7. Processing maliciously crafted web content may lead to arbitrary code execution.

Published: Sep 20, 2022
Updated: Apr 14, 2023
CVE: CVE-2022-32886
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 8.8
AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWEs:

CWE-787

Affected Software
References

Software	From	Fixed in
apple / ipados	-	15.7
apple / iphone_os	-	15.7
apple / safari	-	16.0
fedoraproject / fedora	35	35.x
fedoraproject / fedora	36	36.x
fedoraproject / fedora	37	37.x
debian / debian_linux	10.0	10.0.x
debian / debian_linux	11.0	11.0.x

http://seclists.org/fulldisclosure/2022/Oct/28
http://seclists.org/fulldisclosure/2022/Oct/39
http://seclists.org/fulldisclosure/2022/Oct/41
https://lists.debian.org/debian-lts-announce/2022/09/msg00034.html
https://lists.fedoraproject.org/archives/list/[email protected]/message/74MXH2U5GA4CX3L3NLYP4TBO4O2VOPBJ/
https://lists.fedoraproject.org/archives/list/[email protected]/message/KDV6OLKDTL55NH4LNSMLQ4D6LLSX6JU2/
https://lists.fedoraproject.org/archives/list/[email protected]/message/TDNT32WIARRD2ANWKGCTTIQXI6OII7HZ/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/74MXH2U5GA4CX3L3NLYP4TBO4O2VOPBJ/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KDV6OLKDTL55NH4LNSMLQ4D6LLSX6JU2/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TDNT32WIARRD2ANWKGCTTIQXI6OII7HZ/
https://security.gentoo.org/glsa/202305-32
https://support.apple.com/en-us/HT213442
https://support.apple.com/en-us/HT213445
https://support.apple.com/en-us/HT213446
https://www.debian.org/security/2022/dsa-5240
https://www.debian.org/security/2022/dsa-5241

Vulnerability Database

290,206

CVE-2022-32886