CVE-2022-26775
Description
An integer overflow was addressed with improved input validation. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4. An attacker may be able to cause unexpected application termination or arbitrary code execution.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
An integer overflow in macOS may allow an attacker to cause unexpected application termination or arbitrary code execution, fixed in macOS Monterey 12.4 and Security Update 2022-004 Catalina.
Vulnerability
An integer overflow vulnerability exists in macOS due to improper input validation. This issue affects macOS Monterey versions prior to 12.4 and macOS Catalina before Security Update 2022-004. The overflow can occur when processing crafted data in an unspecified component [1][3].
Exploitation
A local attacker may exploit the integer overflow by providing specially crafted input to the affected component. No special privileges or user interaction beyond local access are required. The overflow can lead to memory corruption, which the attacker can leverage for code execution [1][3].
Impact
Successful exploitation could cause immediate application termination (denial of service) or arbitrary code execution at the privilege level of the vulnerable application. If the application runs with elevated privileges, the attacker could gain those privileges. The impact includes potential full compromise of the system's confidentiality, integrity, and availability [1][3].
Mitigation
Apple has fixed this vulnerability in macOS Monterey 12.4 and Security Update 2022-004 Catalina, both released on May 16, 2022. Users are strongly advised to update to the latest versions. No known workarounds exist for unpatched systems [1][3].
AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
4- Range: <12.4
- Range: unspecified
- Apple/Security Update - Catalinav5Range: unspecified
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
5- support.apple.com/en-us/HT213255mitrex_refsource_MISC
- support.apple.com/en-us/HT213257mitrex_refsource_MISC
- support.apple.com/kb/HT213253mitrex_refsource_CONFIRM
- support.apple.com/kb/HT213254mitrex_refsource_CONFIRM
- support.apple.com/kb/HT213258mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.