[prev in list] [next in list] [prev in thread] [next in thread] 

List:       full-disclosure
Subject:    [FD] APPLE-SA-2022-08-17-2 macOS Monterey 12.5.1
From:       Apple Product Security via Fulldisclosure <fulldisclosure () seclists ! org>
Date:       2022-08-17 21:13:29
Message-ID: 8D6332C3-6A50-449D-91DE-D584F416F17F () lists ! apple ! com
[Download RAW message or body]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

APPLE-SA-2022-08-17-2 macOS Monterey 12.5.1

macOS Monterey 12.5.1 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT213413.

Kernel
Available for: macOS Monterey
Impact: An application may be able to execute arbitrary code with
kernel privileges. Apple is aware of a report that this issue may
have been actively exploited.
Description: An out-of-bounds write issue was addressed with improved
bounds checking.
CVE-2022-32894: an anonymous researcher

WebKit
Available for: macOS Monterey
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution. Apple is aware of a report that this issue
may have been actively exploited.
Description: An out-of-bounds write issue was addressed with improved
bounds checking.
WebKit Bugzilla: 243557
CVE-2022-32893: an anonymous researcher

macOS Monterey 12.5.1 may be obtained from the Mac App Store or
Apple's Software Downloads web site:
https://support.apple.com/downloads/
All information is also posted on the Apple Security Updates
web site: https://support.apple.com/en-us/HT201222.

This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEBP+4DupqR5Sgt1DB4RjMIDkeNxkFAmL9UiYACgkQ4RjMIDke
NxkMiQ/+JkF0Octgd1/I72UFVdhIbUrvL+BkQdTWXfzrfGpFl3EOSUkvn+F3qmt4
pAxtbKeg4T5VyJqGz+bQDOZ+VXGsO4w/9n0WWjEGA/P+BHkP2gUZLlhZQRq1XY5c
gW8EBiUEA20qtz9s0AUFOtS8l6J1QStOhA5W6OWS4xJp4GTwFKSbZHDrHjACBoi1
5XpFM0H5sbFG66C9Fb+p55BLWMBoyxbi8YiQIDmcZ7/+kNGSsBkfHtvSmoFaSVr1
vP/2o2zEUburmKy9C9nUrXruJB6oqjWrkKfe2bbHOa9Zpf9zPcDyYXFbpJLYyAov
R2h8pTppfxdPpuFKVht+MUpc9VnW8oZsuk0bWiI/D9dAOX1otoLE1599SXy/rXSU
2SLeM+Uv4iiJGiNSfDuvcCCqhzCCUf2/pS8VTcnDZczsOGPLWROswzQ46yVWHIxO
iCNH8iHliDo5UNzem+yza5hRgjDbArEjoP10zzx2AxFioQuJXWWEWIbcb966MKzs
gL+DB2BqVhF+OScf+jC66BefgSndsGBfkKgulrZ1HOmJ2E/BwOCYKYrDQhtNEJbr
dFjv8+cMO1vuqKb33p5rjzNIqucBYEuoLtIaXz1yJ5aF/3M5HVaqBgBFioQHUvKj
zc/QF2P6Ue3AMhUkmkMkZVJRMYI966fFD9NMKjGz9H/gCm+8iN0=
=4ABQ
-----END PGP SIGNATURE-----
_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: https://seclists.org/fulldisclosure/
[prev in list] [next in list] [prev in thread] [next in thread]