Unrated severity · NVD Advisory · Published Sep 23, 2022 · Updated May 22, 2025

CVE-2022-32842

Description

An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in Security Update 2022-005 Catalina, macOS Monterey 12.5. An app may be able to gain elevated privileges.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

An out-of-bounds read in Apple's macOS kernel allows an app to gain elevated privileges; fixed in macOS Monterey 12.5 and Security Update 2022-005 Catalina.

Vulnerability

CVE-2022-32842 is an out-of-bounds read issue in the macOS kernel that could lead to arbitrary code execution with kernel privileges. According to the official description, the issue was addressed with improved input validation. It is fixed in macOS Monterey 12.5 (released July 20, 2022) [1] and Security Update 2022-005 Catalina (also released July 20, 2022) [2]. Apple's advisory states the impact as follows: an app may be able to execute arbitrary code with kernel privileges [1].

Exploitation

Exploitation requires the attacker to have the ability to run an app on the affected system. No additional authentication or network access is necessary beyond the ability to execute code. The exact sequence of steps is not disclosed, but the out-of-bounds read likely occurs in kernel memory handling when processing specially crafted input. An app can trigger the vulnerability to read memory outside the intended buffer, which can then be leveraged for privilege escalation.

Impact

Successful exploitation allows an attacker to execute arbitrary code with kernel privileges [1]. This means the attacker gains the highest level of system access, bypassing all security restrictions. The impact is complete compromise of confidentiality, integrity, and availability of the affected system.

Mitigation

The vulnerability is fixed in macOS Monterey 12.5 and Security Update 2022-005 Catalina [1][2]. Users should update to these or later versions as soon as possible. No workarounds are provided by Apple. The vulnerability is not listed on CISA's Known Exploited Vulnerabilities (KEV) catalog as of this writing.

AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

3


References

2
