An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 15.6.1 and iPadOS 15.6.1, macOS Monterey 12.5.1. An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited.
|apple:iphone_os||apple iphone os||15.6.1|
macOS 12.x < 12.5.1 (HT213413)
macOS 11.x < 11.7 (HT213443)
About the security content of iOS 12.5.6
About the security content of watchOS 9
Threat Source newsletter (Aug. 25, 2022) — We're still not talking about Ukraine enough
Threat Source newsletter (Oct. 27, 2022): I thought we were already aware of supply chain attacks?
Apple Releases iOS Update for Older iPhones to Fix Actively Exploited Vulnerability
Apple Releases Security Updates to Patch Two New Zero-Day Vulnerabilities
Apple Releases iOS and macOS Updates to Patch Actively Exploited Zero-Day Flaw
Apple Releases Patch for New Actively Exploited iOS and iPadOS Zero-Day Vulnerability
New Actively Exploited Zero-Day Vulnerability Discovered in Apple Products
Apple releases security update for iPhones and iPads to address vulnerability
Urgent update for macOS and iOS! Two actively exploited zero-days fixed
CISA wants you to patch these actively exploited vulnerabilities before September 8
[updated] Important update! iPhones, Macs, and more vulnerable to zero-day bug
October 2022 Patch Tuesday | Microsoft Releases 84 Vulnerabilities with 13 Critical, plus 12 Microsoft Edge (Chromium-Based); Adobe Releases 4 Advisories, 29 Vulnerabilities with 17 Critical.