CVE-2022-46701

Опубликовано: 15 дек. 2022

Источник: nvd

CVSS3: 7.8

EPSS Низкий

Описание

The issue was addressed with improved bounds checks. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1, tvOS 16.2. Connecting to a malicious NFS server may lead to arbitrary code execution with kernel privileges.

Ссылки

http://seclists.org/fulldisclosure/2022/Dec/20
Third Party Advisory
http://seclists.org/fulldisclosure/2022/Dec/23
Third Party Advisory
http://seclists.org/fulldisclosure/2022/Dec/26
Third Party Advisory
https://support.apple.com/en-us/HT213530
Vendor Advisory
https://support.apple.com/en-us/HT213532
Vendor Advisory
https://support.apple.com/en-us/HT213535
Vendor Advisory
http://seclists.org/fulldisclosure/2022/Dec/20
Third Party Advisory
http://seclists.org/fulldisclosure/2022/Dec/23
Third Party Advisory
http://seclists.org/fulldisclosure/2022/Dec/26
Third Party Advisory
https://support.apple.com/en-us/HT213530
Vendor Advisory
https://support.apple.com/en-us/HT213532
Vendor Advisory
https://support.apple.com/en-us/HT213535
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*

Версия от 16.0 (включая) до 16.2 (исключая)

cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*

Версия от 16.0 (включая) до 16.2 (исключая)

cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*

Версия от 13.0 (включая) до 13.1 (исключая)

cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*

Версия до 16.2 (исключая)

EPSS

Процентиль: 33%

0.00128

Низкий

7.8 High

CVSS3

Дефекты

CWE-20

Связанные уязвимости

GHSA-qhw8-gxv4-588x