QID 610446

Date Published: 2022-11-21

QID 610446: Apple iOS 16 Security Update Missing

iOS is a mobile operating system created and developed by Apple Inc.

The following security issues are observed:
A memory consumption issue was addressed with improved memory handling. CVE-2022-42795
A memory corruption issue was addressed with improved state management. CVE-2022-32827
This issue was addressed with improved checks. CVE-2022-32907
The issue was addressed with improved memory handling. CVE-2022-32858
The issue was addressed with improved memory handling. CVE-2022-32898
The issue was addressed with improved handling of caches. CVE-2022-32909
This issue was addressed with improved checks. CVE-2022-32854
This issue was addressed with improved data protection. CVE-2022-32867
The issue was addressed with improved memory handling. CVE-2022-32865
A logic issue was addressed with improved restrictions. CVE-2022-32928
A memory corruption issue was addressed with improved state management. CVE-2022-26744
A use after free issue was addressed with improved memory management. CVE-2022-32903
A denial-of-service issue was addressed with improved validation. CVE-2022-1622 (entry added October 27, 2022)
The issue was addressed with additional restrictions on the observability of app states. CVE-2022-32913
The issue was addressed with improved memory handling. CVE-2022-32887
A use after free issue was addressed with improved memory management. CVE-2022-32914
The issue was addressed with improved memory handling. CVE-2022-32866
The issue was addressed with improved memory handling. CVE-2022-32864
The issue was addressed with improved bounds checks. CVE-2022-32917
A logic issue was addressed with improved restrictions. CVE-2022-32883
A memory corruption issue was addressed with improved input validation. CVE-2022-32908
A logic issue was addressed with improved state management. CVE-2022-32879
This issue was addressed with improved data protection. CVE-2022-32918
This issue was addressed with improved checks. CVE-2022-32795
A logic issue was addressed with improved state management. WebKit Bugzilla
A logic issue was addressed with improved restrictions. CVE-2022-32881
An issue in code signature validation was addressed with improved checks. CVE-2022-42793
A logic issue was addressed with improved restrictions. CVE-2022-32872
A logic issue was addressed with improved state management. CVE-2022-42790
A logic issue was addressed with improved state management. CVE-2022-32870
A race condition was addressed with improved state handling. CVE-2022-42791
This issue was addressed with improved checks. CVE-2021-36690 (entry added October 27, 2022)
A logic issue was addressed with improved state management. CVE-2022-32859 (entry added October 27, 2022)
This issue was addressed with improved entitlements. CVE-2022-32835
A logic issue was addressed with improved state management. CVE-2022-32875
An issue existed with the file paths used to store website data. The issue was resolved by improving how website data is stored. CVE-2022-32833
An out-of-bounds write issue was addressed with improved bounds checking. WebKit Bugzilla
The issue was addressed with improved UI handling. WebKit Bugzilla
A buffer overflow issue was addressed with improved memory handling. WebKit Bugzilla
An out-of-bounds read was addressed with improved bounds checking. WebKit Bugzilla
An access issue was addressed with improvements to the sandbox. WebKit Bugzilla
An out-of-bounds write issue was addressed with improved bounds checking. CVE-2022-32925

Affected Devices
iPhone 8 and later

Successful exploitation could allow an attacker to execute code.

  • CVSS V3 rated as Critical - 8.8 severity.
  • CVSS V2 rated as Critical - 9.3 severity.

Solution
Refer to Apple advisory HT213446 for patching details.

Vendor References
Software Advisories
Advisory ID: HT213446
Software Component: iOS
Link: support.apple.com/en-in/HT213446