CVE-2022-26761
https://notcve.org/view.php?id=CVE-2022-26761
A memory corruption issue was addressed with improved memory handling. This issue is fixed in Security Update 2022-004 Catalina, macOS Big Sur 11.6.6. An application may be able to execute arbitrary code with kernel privileges. Se abordó un problema de corrupción de memoria con una administración de memoria mejorada. Este problema es corregido en Security Update 2022-004 Catalina, macOS Big Sur versión 11.6.6. • https://support.apple.com/en-us/HT213255 https://support.apple.com/en-us/HT213256 • CWE-787: Out-of-bounds Write •
CVE-2022-26756
https://notcve.org/view.php?id=CVE-2022-26756
An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. An application may be able to execute arbitrary code with kernel privileges. Se abordó un problema de escritura fuera de límites con una comprobación de entrada mejorada. Este problema es corregido en Security Update 2022-004 Catalina, macOS Monterey versión 12.4, macOS Big Sur versión 11.6.6. • https://support.apple.com/en-us/HT213255 https://support.apple.com/en-us/HT213256 https://support.apple.com/en-us/HT213257 • CWE-787: Out-of-bounds Write •
CVE-2022-26755
https://notcve.org/view.php?id=CVE-2022-26755
This issue was addressed with improved environment sanitization. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. A malicious application may be able to break out of its sandbox. Este problema es corregido con un saneo del entorno mejorado. Este problema es corregido en Security Update 2022-004 Catalina, macOS Monterey versión 12.4, macOS Big Sur versión 11.6.6. • https://support.apple.com/en-us/HT213255 https://support.apple.com/en-us/HT213256 https://support.apple.com/en-us/HT213257 •
CVE-2022-26691 – cups: authorization bypass when using "local" authorization
https://notcve.org/view.php?id=CVE-2022-26691
A logic issue was addressed with improved state management. This issue is fixed in Security Update 2022-003 Catalina, macOS Monterey 12.3, macOS Big Sur 11.6.5. An application may be able to gain elevated privileges. Se abordó un problema de lógica con una administración de estados mejorada. Este problema es corregido en Security Update 2022-003 Catalina, macOS Monterey versión 12.3, macOS Big Sur versión 11.6.5. • https://github.com/OpenPrinting/cups/commit/de4f8c196106033e4c372dce3e91b9d42b0b9444 https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2022/MNDT-2022-0026/MNDT-2022-0026.md https://lists.debian.org/debian-lts-announce/2022/05/msg00039.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQ6TD7F3VRITPEHFDHZHK7MU6FEBMZ5U https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YQRIT4H75XV6M42K7ZTARWZ7YLLYQHPO https://support.apple.com/en-us/H • CWE-288: Authentication Bypass Using an Alternate Path or Channel CWE-697: Incorrect Comparison •
CVE-2022-26688 – Apple macOS PackageKit PKCoreShove Link Following System Integrity Protection Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2022-26688
An issue in the handling of symlinks was addressed with improved validation. This issue is fixed in Security Update 2022-003 Catalina, macOS Monterey 12.3, macOS Big Sur 11.6.5. A malicious app with root privileges may be able to modify the contents of system files. Se abordó un problema en el manejo de los enlaces simbólicos con una comprobación mejorada. Este problema es corregido en Security Update 2022-003 Catalina, macOS Monterey versión 12.3 y macOS Big Sur versión 11.6.5. • https://support.apple.com/en-us/HT213183 https://support.apple.com/en-us/HT213184 https://support.apple.com/en-us/HT213185 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •