| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 31 Mar 2022 10:30:03 -0700 From: Apple Product Security via Fulldisclosure <fulldisclosure@...lists.org> To: security-announce@...ts.apple.com Subject: [FD] APPLE-SA-2022-03-31-2 macOS Monterey 12.3.1 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2022-03-31-2 macOS Monterey 12.3.1 macOS Monterey 12.3.1 addresses the following issues. Information about the security content is also available at https://support.apple.com/HT213220. Released March 31, 2022 AppleAVD Available for: macOS Monterey Impact: An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited. Description: An out-of-bounds write issue was addressed with improved bounds checking. CVE-2022-22675: an anonymous researcher Intel Graphics Driver Available for: macOS Monterey Impact: An application may be able to read kernel memory Description: An out-of-bounds read issue may lead to the disclosure of kernel memory and was addressed with improved input validation. Apple is aware of a report that this issue may have been actively exploited. CVE-2022-22674: an anonymous researcher macOS Monterey 12.3 may be obtained from the Mac App Store or Appleās Software Downloads web site: https://support.apple.com/downloads/ All information is also posted on the Apple Security Updates web site: https://support.apple.com/en-us/HT201222. This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEePiLW1MrMjw19XzoeC9qKD1prhgFAmJF2VAACgkQeC9qKD1p rhh70RAAgPFZgncm+R7fFZru1r5hhWKcaJGt4qHLRwCTQbLB1vpWy/If6Sp72qJV 52RR5GXk0yQ6OrtDi68+Qg9dYXV06i9r8S5kHQ912xFjyl5ysu8KxNhBXz3d3re8 QizMzKIfoAp9X3BlrZHnryVv8evGuRQLFsTS06mhCOvFWwFNj7u6rMwuDGH/MYL5 Dt/sgmlDsvvqWrNNT4b8Xdi01lpgsIOMPpRLBCAguORuGft5U/8kAAJSDKHXgFM9 0E30zLKJDT9Y9jI2yU06jMulmPd01ZX7kKfhnMeCmRZrjNXbWBM+PqpnswUchgLa 2AMWfL0pPAtCpOu3OKpkkUBC9kOGoocq+ki2aueJ4K0Xq8vkDGab7AjUd7uClaa4 GfUE4ukrJV0cMKvtVL5N0tc0UoB9uAFx3JZQjdrxHKccJEuJou4MI+zH2zESLsmI 0U0lD2an6IC2bi3MInfUdOefwTyzHTnWBCv0ZSngtZ9xYT0K/YlVUN8An77AWxeq lzlWY2aMBzOzRyOuJnWk8MUdWaFm1zBGY8EDisgNWkGe2QvyiJkbRacnfNxbo7sR A1ftksgsiEHr4PaDto7P+TcQzKTqUKulnoHKzFyyPogl2LWHm0/GN9heGmLrumcR lI4Eogm3zRq0PZraV4CctB4xtFaKrzTPZXr34uy8xO4hKqPzICM= =7eDI -----END PGP SIGNATURE----- _______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: https://seclists.org/fulldisclosure/
Powered by blists - more mailing lists