Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2022.0399
APPLE-SA-2022-01-26-2 macOS Monterey 12.2
28 January 2022
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: macOS Monterey 12.2
Publisher: Apple
Operating System: macOS
Impact/Access: Execute Arbitrary Code/Commands -- Remote with User Interaction
Root Compromise -- Unknown/Unspecified
Denial of Service -- Remote with User Interaction
Access Confidential Data -- Unknown/Unspecified
Reduced Security -- Remote with User Interaction
Resolution: Patch/Upgrade
CVE Names: CVE-2022-22594 CVE-2022-22593 CVE-2022-22592
CVE-2022-22591 CVE-2022-22590 CVE-2022-22589
CVE-2022-22587 CVE-2022-22586 CVE-2022-22585
CVE-2022-22584 CVE-2022-22583 CVE-2022-22579
CVE-2022-22578
Original Bulletin:
https://support.apple.com/en-us/HT213054
Comment: Apple is aware of a report that CVE-2022-22587 may have been actively exploited
- --------------------------BEGIN INCLUDED TEXT--------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
APPLE-SA-2022-01-26-2 macOS Monterey 12.2
macOS Monterey 12.2 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT213054.
AMD Kernel
Available for: macOS Monterey
Impact: A malicious application may be able to execute arbitrary code
with kernel privileges
Description: An out-of-bounds write issue was addressed with improved
bounds checking.
CVE-2022-22586: an anonymous researcher
ColorSync
Available for: macOS Monterey
Impact: Processing a maliciously crafted file may lead to arbitrary
code execution
Description: A memory corruption issue was addressed with improved
validation.
CVE-2022-22584: Mickey Jin (@patch1t) of Trend Micro
Crash Reporter
Available for: macOS Monterey
Impact: A malicious application may be able to gain root privileges
Description: A logic issue was addressed with improved validation.
CVE-2022-22578: an anonymous researcher
iCloud
Available for: macOS Monterey
Impact: An application may be able to access a user's files
Description: An issue existed within the path validation logic for
symlinks. This issue was addressed with improved path sanitization.
CVE-2022-22585: Zhipeng Huo (@R3dF09) of Tencent Security Xuanwu Lab
(https://xlab.tencent.com)
Intel Graphics Driver
Available for: macOS Monterey
Impact: A malicious application may be able to execute arbitrary code
with kernel privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2022-22591: Antonio Zekic (@antoniozekic) of Diverto
IOMobileFrameBuffer
Available for: macOS Monterey
Impact: A malicious application may be able to execute arbitrary code
with kernel privileges. Apple is aware of a report that this issue
may have been actively exploited.
Description: A memory corruption issue was addressed with improved
input validation.
CVE-2022-22587: an anonymous researcher, Meysam Firouzi (@R00tkitSMM)
of MBition - Mercedes-Benz Innovation Lab, Siddharth Aeri
(@b1n4r1b01)
Kernel
Available for: macOS Monterey
Impact: A malicious application may be able to execute arbitrary code
with kernel privileges
Description: A buffer overflow issue was addressed with improved
memory handling.
CVE-2022-22593: Peter Nguyá»\x{133}n VÅ© Hoàng of STAR Labs
Model I/O
Available for: macOS Monterey
Impact: Processing a maliciously crafted STL file may lead to
unexpected application termination or arbitrary code execution
Description: An information disclosure issue was addressed with
improved state management.
CVE-2022-22579: Mickey Jin (@patch1t) of Trend Micro
PackageKit
Available for: macOS Monterey
Impact: An application may be able to access restricted files
Description: A permissions issue was addressed with improved
validation.
CVE-2022-22583: an anonymous researcher, Mickey Jin (@patch1t), Ron
Hass (@ronhass7) of Perception Point
WebKit
Available for: macOS Monterey
Impact: Processing a maliciously crafted mail message may lead to
running arbitrary javascript
Description: A validation issue was addressed with improved input
sanitization.
CVE-2022-22589: Heige of KnownSec 404 Team (knownsec.com) and Bo Qu
of Palo Alto Networks (paloaltonetworks.com)
WebKit
Available for: macOS Monterey
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A use after free issue was addressed with improved
memory management.
CVE-2022-22590: Toan Pham from Team Orca of Sea Security
(security.sea.com)
WebKit
Available for: macOS Monterey
Impact: Processing maliciously crafted web content may prevent
Content Security Policy from being enforced
Description: A logic issue was addressed with improved state
management.
CVE-2022-22592: Prakash (@1lastBr3ath)
WebKit Storage
Available for: macOS Monterey
Impact: A website may be able to track sensitive user information
Description: A cross-origin issue in the IndexDB API was addressed
with improved input validation.
CVE-2022-22594: Martin Bajanik of FingerprintJS
Additional recognition
Kernel
We would like to acknowledge Tao Huang for their assistance.
Metal
We would like to acknowledge Tao Huang for their assistance.
PackageKit
We would like to acknowledge Mickey Jin (@patch1t), Mickey Jin
(@patch1t) of Trend Micro for their assistance.
WebKit
We would like to acknowledge Prakash (@1lastBr3ath) for their
assistance.
Installation note:
This update may be obtained from the Mac App Store
Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
- -----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEePiLW1MrMjw19XzoeC9qKD1prhgFAmHx0zEACgkQeC9qKD1p
rhhFUw/+K0ImMkw8zCjqdJza05Y6mlSa2wAdoVQK4pywYylcWMzemOi9GStr1Tgq
CmA7KFo2hPp/9kh6+SURi91WwUKdNHsDfasjNDqTTOJalQFuKB0erZgEpcprBnHE
lzT2heSJDl58sMSn0hLlGIhLfc+4Ld29FKc3lmtBPGeKY3vUViHLN0s3sZj07twx
Ew7yYkDBkz/e2kGRDByWzmvsSQt+w7HMK+pN1m5CBTZdP8KAHVtbuv8BPtMHKwNJ
1Kzo6nW4MJ9Eds63Lz4A37nqTNxmvsbf4zDSppwAp8NalEHqg5My7PzmK97eh6ap
jS4P4LqdRigTvRMq3eDVh/4Lie+/39nXwdQI6czETvTYzi+iA6k3q1Lsf2eIYzCf
0y4YTKEwIze05Q45YqbbnRDfVGOKtfZOcFVYsMxYBHBMp6LDcLJ9i0+AORX2igoA
dODLICbrHzexa682FDE2RGtgQOtS5k4LJLUggvSeOW/tXN+MovfVTjCIzJSKYltP
eQm8gq3EajaRk4JQcYkxklalyOHVZpkg3+u6Az+xIY5nVVijkuGDqqiCoh62zmsE
kSXZrfuJTIYWbIzpR23xVMyxWBcN4AXDE3xLeZajm0yGnAxpd8CGwb4FhgipcDVE
wwazu76IYBPpP40AyBALO10aXhYjrI+Bj6zI+Ug3msXLhkeICtI=
=WEmw
- -----END PGP SIGNATURE-----
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
https://www.auscert.org.au/bulletins/
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBYfN9cONLKJtyKPYoAQibIg//a6kS5lzKDRN3Hu+vi5anvVCge2aznuFn
8p5FECaI/U+kCV6P+diFYW3jGC/ERSeJPFxFCwtMrmwe/P1wy8f732JI9bZF83mz
nZWpzoYN8l3l1NDyoL+UYzta4exrZ4uHbKfeTgT7Pn38H+IqLKndzs/PEFeWlflh
u10wZOUQgru9h35LeMpO377ecRKTTxmHx7CMArmE6qeQe8l87y5CZSBuAiXOUgi3
cUb4dQAdRZ+nxDvw+nECPaQfj66bKTvrD5+8eMZFZJeOGm/hjyS48mIBHrMNJJ7X
v7q5rmdzhqxt+xsip5AUuzVOEoTnjutxic22cLJo8zqRLse1aTxt0mtPZsxy2e2m
BHeepMkkOZFnPoz02F8yGq6VsEcKBDEiRQbzMxkpX8UbbNHsTEhiE8bhJr4UxfWx
ZqtM8deuf01XLHQxIGX3m290aqfVqI0cjuFby2xOWEfWZOZi/bsxhRiIY/sZ/nsH
j6/YZUKKoB8HjW3bMT8j1UkHPvrn12OS/uHQuXs9W3PNAk2wqRX7PPLMdgBX7d7y
O6/AEsN3oR6zRybl3TPEqV4NcNp+DQFFXi/s7qX7PRC7ZGI5mTsrTO3KIdZ5evTt
2GY+vopuUyd7V5uuNHgjkF5s3LRMWdjmXc5olj7YKBwh1eZoJj0SrocAodo7fyUt
6btmQZSR1TM=
=OBs9
-----END PGP SIGNATURE-----