lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Date: Thu, 31 Mar 2022 10:30:03 -0700
From: Apple Product Security via Fulldisclosure <fulldisclosure@...lists.org>
To: security-announce@...ts.apple.com
Subject: [FD] APPLE-SA-2022-03-31-2 macOS Monterey 12.3.1

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

APPLE-SA-2022-03-31-2 macOS Monterey 12.3.1

macOS Monterey 12.3.1 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT213220.

Released March 31, 2022

AppleAVD
Available for: macOS Monterey
Impact: An application may be able to execute arbitrary code
with kernel privileges. Apple is aware of a report that this issue
may have been actively exploited.
Description: An out-of-bounds write issue was addressed with
improved bounds checking.
CVE-2022-22675: an anonymous researcher

Intel Graphics Driver
Available for: macOS Monterey
Impact: An application may be able to read kernel memory
Description: An out-of-bounds read issue may lead to the
disclosure of kernel memory and was addressed with improved
input validation. Apple is aware of a report that this issue may
have been actively exploited.
CVE-2022-22674: an anonymous researcher

macOS Monterey 12.3 may be obtained from the Mac App
Store or Appleā€™s Software Downloads web site:
https://support.apple.com/downloads/

All information is also posted on the Apple Security Updates
web site:
https://support.apple.com/en-us/HT201222.

This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEePiLW1MrMjw19XzoeC9qKD1prhgFAmJF2VAACgkQeC9qKD1p
rhh70RAAgPFZgncm+R7fFZru1r5hhWKcaJGt4qHLRwCTQbLB1vpWy/If6Sp72qJV
52RR5GXk0yQ6OrtDi68+Qg9dYXV06i9r8S5kHQ912xFjyl5ysu8KxNhBXz3d3re8
QizMzKIfoAp9X3BlrZHnryVv8evGuRQLFsTS06mhCOvFWwFNj7u6rMwuDGH/MYL5
Dt/sgmlDsvvqWrNNT4b8Xdi01lpgsIOMPpRLBCAguORuGft5U/8kAAJSDKHXgFM9
0E30zLKJDT9Y9jI2yU06jMulmPd01ZX7kKfhnMeCmRZrjNXbWBM+PqpnswUchgLa
2AMWfL0pPAtCpOu3OKpkkUBC9kOGoocq+ki2aueJ4K0Xq8vkDGab7AjUd7uClaa4
GfUE4ukrJV0cMKvtVL5N0tc0UoB9uAFx3JZQjdrxHKccJEuJou4MI+zH2zESLsmI
0U0lD2an6IC2bi3MInfUdOefwTyzHTnWBCv0ZSngtZ9xYT0K/YlVUN8An77AWxeq
lzlWY2aMBzOzRyOuJnWk8MUdWaFm1zBGY8EDisgNWkGe2QvyiJkbRacnfNxbo7sR
A1ftksgsiEHr4PaDto7P+TcQzKTqUKulnoHKzFyyPogl2LWHm0/GN9heGmLrumcR
lI4Eogm3zRq0PZraV4CctB4xtFaKrzTPZXr34uy8xO4hKqPzICM=
=7eDI
-----END PGP SIGNATURE-----
_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: https://seclists.org/fulldisclosure/

Powered by blists - more mailing lists