what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 2 of 2 RSS Feed

CVE-2022-32827

Status Candidate

Overview

A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 16, macOS Ventura 13. An app may be able to cause a denial-of-service.

Related Files

AppleAVD deallocateKernelMemoryInternal Missing Surface Lock
Posted Nov 18, 2022
Authored by Google Security Research, natashenka

In AppleAVD.kext, pixel buffers are mapped by calling AppleAVDUserClient::_mapPixelBuffer, which eventually calls AppleAVD::allocateKernelMemoryInternal. If the buffer is an IOSurface, the function calls IOSurface::deviceLockSurface before allocating memory by calling prepare. But when a pixel buffer is unmapped by calling AppleAVDUserClient::_unmapPixelBuffer, which calls AppleAVD::deallocateKernelMemoryInternal, the IOSurface is not locked before calling complete. This means that mapping and unmapping can occur at the same time, leading to kernel memory corruption. This bug could allow escalation to kernel privileges from a local app.

tags | exploit, kernel, local
advisories | CVE-2022-32827
SHA-256 | fa06dd34c9fcfaf9f03c6a70c7fd7fc078ff6872d40e76e3295731e58256ce8a
Apple Security Advisory 2022-10-27-3
Posted Oct 31, 2022
Authored by Apple | Site apple.com

Apple Security Advisory 2022-10-27-3 - iOS 16 addresses buffer overflow, bypass, code execution, out of bounds read, out of bounds write, spoofing, and use-after-free vulnerabilities.

tags | advisory, overflow, spoof, vulnerability, code execution
systems | apple, ios
advisories | CVE-2021-36690, CVE-2022-1622, CVE-2022-26744, CVE-2022-32795, CVE-2022-32827, CVE-2022-32835, CVE-2022-32854, CVE-2022-32858, CVE-2022-32859, CVE-2022-32864, CVE-2022-32865, CVE-2022-32866, CVE-2022-32867, CVE-2022-32868
SHA-256 | f72f652240009ad6885c95e399eeada938afdca8ed7e90acdcc02793817280ae
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close