VYPR
Unrated severity · NVD Advisory · Published May 26, 2022 · Updated Aug 3, 2024

CVE-2022-26756

Description

An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. An application may be able to execute arbitrary code with kernel privileges.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

An out-of-bounds write in the macOS kernel allows an application to execute arbitrary code with kernel privileges; fixed in macOS Monterey 12.4, macOS Big Sur 11.6.6, and Security Update 2022-004 Catalina.

Vulnerability

CVE-2022-26756 is an out-of-bounds write vulnerability in the macOS kernel. The issue was present due to insufficient input validation. The vulnerability is fixed in macOS Monterey 12.4, macOS Big Sur 11.6.6, and Security Update 2022-004 Catalina, all released on May 16, 2022 [1][2][3]. The official description from Apple notes that the issue was addressed with improved input validation [1].

Exploitation

An attacker would need to have the ability to run an application on the affected system. No additional privileges or user interaction beyond launching the application are described. The vulnerability is triggered by the application, which causes an out-of-bounds write in kernel memory. Specific exploitation steps are not publicly detailed by Apple.

Impact

Successful exploitation could allow an application to execute arbitrary code with kernel privileges. This means an attacker could gain full control of the system, including the ability to read, write, or modify kernel memory and bypass security mechanisms [1].

Mitigation

Apple has released patches for this vulnerability in macOS Monterey 12.4, macOS Big Sur 11.6.6, and Security Update 2022-004 Catalina, all dated May 16, 2022 [1][2][3]. Users should update to the patched versions immediately. No workarounds are mentioned by Apple. The vulnerability is not listed in the CISA Known Exploited Vulnerabilities (KEV) catalog as of the publication date.

AI Insight generated on May 27, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

5

References

3
