CVE-2022-26766 – macOS 12.3.1 Local Root
https://notcve.org/view.php?id=CVE-2022-26766
A certificate parsing issue was addressed with improved checks. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, Security Update 2022-004 Catalina, watchOS 8.6, macOS Big Sur 11.6.6, macOS Monterey 12.4. A malicious app may be able to bypass signature validation. Se abordó un problema de análisis de certificados con comprobaciones mejoradas. Este problema es corregido en tvOS versión 15.5, iOS versión 15.5 y iPadOS versión 15.5, Security Update 2022-004 Catalina, watchOS versión 8.6, macOS Big Sur versión 11.6.6, macOS Monterey versión 12.4. • https://support.apple.com/en-us/HT213253 https://support.apple.com/en-us/HT213254 https://support.apple.com/en-us/HT213255 https://support.apple.com/en-us/HT213256 https://support.apple.com/en-us/HT213257 https://support.apple.com/en-us/HT213258 • CWE-295: Improper Certificate Validation •
CVE-2022-26763 – macOS 12.3.1 Local Root
https://notcve.org/view.php?id=CVE-2022-26763
An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, Security Update 2022-004 Catalina, watchOS 8.6, macOS Big Sur 11.6.6, macOS Monterey 12.4. A malicious application may be able to execute arbitrary code with system privileges. Se abordó un problema de acceso fuera de límites con una comprobación de límites mejorada. Este problema es corregido en tvOS versión 15.5, iOS versión 15.5 y iPadOS versión 15.5, Security Update 2022-004 Catalina, watchOS versión 8.6, macOS Big Sur versión 11.6.6, macOS Monterey versión 12.4. • https://support.apple.com/en-us/HT213253 https://support.apple.com/en-us/HT213254 https://support.apple.com/en-us/HT213255 https://support.apple.com/en-us/HT213256 https://support.apple.com/en-us/HT213257 https://support.apple.com/en-us/HT213258 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2022-26768
https://notcve.org/view.php?id=CVE-2022-26768
A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.4, watchOS 8.6, tvOS 15.5, macOS Big Sur 11.6.6. An application may be able to execute arbitrary code with kernel privileges. Se abordó un problema de corrupción de memoria con una administración de estados mejorada. Este problema es corregido en macOS Monterey versión 12.4, watchOS versión 8.6, tvOS versión 15.5, macOS Big Sur versión 11.6.6. • http://seclists.org/fulldisclosure/2022/Jul/12 https://support.apple.com/en-us/HT213253 https://support.apple.com/en-us/HT213254 https://support.apple.com/en-us/HT213256 https://support.apple.com/en-us/HT213257 https://support.apple.com/kb/HT213346 • CWE-787: Out-of-bounds Write •
CVE-2022-26748 – Apple Safari WebGL generateMipmap Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-26748
An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. Processing maliciously crafted web content may lead to arbitrary code execution. Se abordó un problema de escritura fuera de límites con una comprobación de entradas mejorada. Este problema es corregido en Security Update 2022-004 Catalina, macOS Monterey versión 12.4 y macOS Big Sur versión 11.6.6. • https://support.apple.com/en-us/HT213255 https://support.apple.com/en-us/HT213256 https://support.apple.com/en-us/HT213257 • CWE-787: Out-of-bounds Write •
CVE-2022-26726
https://notcve.org/view.php?id=CVE-2022-26726
This issue was addressed with improved checks. This issue is fixed in Security Update 2022-004 Catalina, watchOS 8.6, macOS Monterey 12.4, macOS Big Sur 11.6.6. An app may be able to capture a user's screen. Este problema es corregido con comprobaciones mejoradas. Este problema es corregido en Security Update 2022-004 Catalina, watchOS versión 8.6, macOS Monterey versión 12.4, macOS Big Sur versión 11.6.6. • https://github.com/acheong08/CVE-2022-26726-POC https://github.com/acheong08/CVE-2022-26726-POC2 https://support.apple.com/en-us/HT213253 https://support.apple.com/en-us/HT213255 https://support.apple.com/en-us/HT213256 https://support.apple.com/en-us/HT213257 •