Unrated severityNVD Advisory· Published Sep 23, 2022· Updated May 27, 2025

CVE-2022-32843

Description

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in Security Update 2022-005 Catalina, macOS Big Sur 11.6.8, macOS Monterey 12.5. Processing a maliciously crafted Postscript file may result in unexpected app termination or disclosure of process memory.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Processing a maliciously crafted Postscript file on macOS may cause an out-of-bounds write, leading to app termination or memory disclosure.

Vulnerability

An out-of-bounds write vulnerability exists in the Postscript file processing component of macOS. The issue arises from insufficient bounds checking when parsing a maliciously crafted Postscript file. Affected versions include macOS Monterey 12.5, macOS Big Sur 11.6.8, and macOS Catalina with Security Update 2022-005 [1][2][3].

Exploitation

An attacker can exploit this vulnerability by delivering a specially crafted Postscript file to the target user. No special network position or authentication is required; the user must open the malicious file using an application that processes Postscript data. Once opened, the out-of-bounds write is triggered during parsing.

Impact

Successful exploitation may result in unexpected application termination (denial of service) or disclosure of process memory, potentially leaking sensitive information. The description does not indicate arbitrary code execution or privilege escalation.

Mitigation

Apple addressed the issue in macOS Monterey 12.5, macOS Big Sur 11.6.8, and Security Update 2022-005 for Catalina, all released on July 20, 2022 [1][2][3]. Users should update to the latest available version. No workarounds have been published, and the vulnerability is not listed on CISA's Known Exploited Vulnerabilities catalog.

References

AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

Apple Inc./macOS Catalinallm-fuzzy
Range: <2022-005
Apple Inc./macOS Big Surllm-fuzzy
Range: <11.6.8
Apple Inc./macOS Montereyllm-fuzzy
Range: <12.5
Apple Inc./macOSv5
Range: unspecified

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

support.apple.com/en-us/HT213343mitrex_refsource_MISC
support.apple.com/en-us/HT213344mitrex_refsource_MISC
support.apple.com/en-us/HT213345mitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000