Lucene search

China National Vulnerability DatabaseCNVD-2022-71999

HistoryJul 22, 2022 - 12:00 a.m.

Apple iOS and iPadOS GPU Driver Buffer Overflow Vulnerability

2022-07-2200:00:00

China National Vulnerability Database

www.cnvd.org.cn

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

JSON

Apple iOS and Apple iPadOS are both products of Apple Inc. Apple iOS is an operating system developed for mobile devices. Apple iPadOS is an operating system for iPad tablets. iOS and iPadOS are vulnerable to a buffer overflow vulnerability that originates in the GPU driver when handling A boundary error in the GPU driver when handling untrusted input can be exploited to trigger a memory corruption and execute arbitrary code with root privileges.

CPENameOperatorVersion
Apple iOSlt15.6
Apple iPadOSlt15.6
Apple tvOSlt15.6
Apple watchOSlt8.7
Apple MacOS >=12.0，lt12.5

Name	Operator	Version
Apple iOS	lt	15.6
Apple iPadOS	lt	15.6
Apple tvOS	lt	15.6
Apple watchOS	lt	8.7
Apple MacOS >=12.0，	lt	12.5

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

JSON

Related for CNVD-2022-71999