About the security content of iOS 16

This document describes the security content of iOS 16.

About Apple security updates

For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page.

Apple security documents reference vulnerabilities by CVE-ID when possible.

For more information about security, see the Apple Product Security page.

iOS 16

Released September 12, 2022

Accelerate Framework

Available for: iPhone 8 and later

Impact: Processing a maliciously crafted image may lead to arbitrary code execution

Description: A memory consumption issue was addressed with improved memory handling.

CVE-2022-42795: ryuzaki

Entry added October 27, 2022

AppleAVD

Available for: iPhone 8 and later

Impact: An app may be able to cause a denial-of-service

Description: A memory corruption issue was addressed with improved state management.

CVE-2022-32827: Antonio Zekic (@antoniozekic), Natalie Silvanovich of Google Project Zero, and an anonymous researcher

Entry added October 27, 2022

AppleAVD

Available for: iPhone 8 and later

Impact: An app may be able to execute arbitrary code with kernel privileges

Description: This issue was addressed with improved checks.

CVE-2022-32907: Natalie Silvanovich of Google Project Zero, Antonio Zekic (@antoniozekic) and John Aakerblom (@jaakerblom), ABC Research s.r.o, Yinyi Wu, Tommaso Bianco (@cutesmilee__)

Entry added October 27, 2022

AppleMobileFileIntegrity

Available for: iPhone 8 and later

Impact: An app may be able to access user-sensitive data

Description: A configuration issue was addressed with additional restrictions.

CVE-2022-32877: Wojciech Reguła (@_r3ggi) of SecuRing

Entry added March 16, 2023

Apple Neural Engine

Available for: iPhone 8 and later

Impact: An app may be able to leak sensitive kernel state

Description: The issue was addressed with improved memory handling.

CVE-2022-32858: Mohamed Ghannam (@_simo36)

Entry added October 27, 2022

Apple Neural Engine

Available for: iPhone 8 and later

Impact: An app may be able to execute arbitrary code with kernel privileges

Description: The issue was addressed with improved memory handling.

CVE-2022-32898: Mohamed Ghannam (@_simo36)

CVE-2022-32899: Mohamed Ghannam (@_simo36)

CVE-2022-32889: Mohamed Ghannam (@_simo36)

Entry added October 27, 2022

Apple TV

Available for: iPhone 8 and later

Impact: An app may be able to access user-sensitive data

Description: The issue was addressed with improved handling of caches.

CVE-2022-32909: Csaba Fitzl (@theevilbit) of Offensive Security

Entry added October 27, 2022

Contacts

Available for: iPhone 8 and later

Impact: An app may be able to bypass Privacy preferences

Description: This issue was addressed with improved checks.

CVE-2022-32854: Holger Fuhrmannek of Deutsche Telekom Security

Crash Reporter

Available for: iPhone 8 and later

Impact: A user with physical access to an iOS device may be able to read past diagnostic logs

Description: This issue was addressed with improved data protection.

CVE-2022-32867: Kshitij Kumar and Jai Musunuri of Crowdstrike

Entry added October 27, 2022

DriverKit

Available for: iPhone 8 and later

Impact: An app may be able to execute arbitrary code with kernel privileges

Description: The issue was addressed with improved memory handling.

CVE-2022-32865: Linus Henze of Pinauten GmbH (pinauten.de)

Entry added October 27, 2022

Exchange

Available for: iPhone 8 and later

Impact: A user in a privileged network position may be able to intercept mail credentials

Description: A logic issue was addressed with improved restrictions.

CVE-2022-32928: Jiří Vinopal (@vinopaljiri) of Check Point Research

Entry added October 27, 2022, updated March 16, 2023

FaceTime

Available for: iPhone 8 and later

Impact: A user may send audio and video in a FaceTime call without knowing that they have done so

Description: This issue was addressed with improved checks.

CVE-2022-22643: Sonali Luthar of the University of Virginia, Michael Liao of the University of Illinois at Urbana-Champaign, Rohan Pahwa of Rutgers University, and Bao Nguyen of University of Florida

Entry added March 16, 2023

GPU Drivers

Available for: iPhone 8 and later

Impact: An app may be able to disclose kernel memory

Description: Multiple out-of-bounds write issues were addressed with improved bounds checking.

CVE-2022-32793: an anonymous researcher

Entry added March 16, 2023

GPU Drivers

Available for: iPhone 8 and later

Impact: An application may be able to execute arbitrary code with kernel privileges

Description: A memory corruption issue was addressed with improved state management.

CVE-2022-26744: an anonymous researcher

Entry added October 27, 2022

GPU Drivers

Available for: iPhone 8 and later

Impact: An app may be able to execute arbitrary code with kernel privileges

Description: A use after free issue was addressed with improved memory management.

CVE-2022-32903: an anonymous researcher

Entry added October 27, 2022

ImageIO

Available for: iPhone 8 and later

Impact: Processing an image may lead to a denial-of-service

Description: A denial-of-service issue was addressed with improved validation.

CVE-2022-1622

Entry added October 27, 2022

Image Processing

Available for: iPhone 8 and later

Impact: A sandboxed app may be able to determine which app is currently using the camera

Description: The issue was addressed with additional restrictions on the observability of app states.

CVE-2022-32913: Yiğit Can YILMAZ (@yilmazcanyigit)

Entry added October 27, 2022

IOGPUFamily

Available for: iPhone 8 and later

Impact: An app may be able to execute arbitrary code with kernel privileges

Description: The issue was addressed with improved memory handling.

CVE-2022-32887: an anonymous researcher

Entry added October 27, 2022

Kernel

Available for: iPhone 8 and later

Impact: An app may be able to disclose kernel memory

Description: An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation.

CVE-2022-32916: Pan ZhenPeng of STAR Labs SG Pte. Ltd.

Entry added November 9, 2022

Kernel

Available for: iPhone 8 and later

Impact: An app may be able to execute arbitrary code with kernel privileges

Description: A use after free issue was addressed with improved memory management.

CVE-2022-32914: Zweig of Kunlun Lab

Entry added October 27, 2022

Kernel

Available for: iPhone 8 and later

Impact: An app may be able to execute arbitrary code with kernel privileges

Description: The issue was addressed with improved memory handling.

CVE-2022-32866: Linus Henze of Pinauten GmbH (pinauten.de)

CVE-2022-32911: Zweig of Kunlun Lab

Entry updated October 27, 2022

Kernel

Available for: iPhone 8 and later

Impact: An app may be able to disclose kernel memory

Description: The issue was addressed with improved memory handling.

CVE-2022-32864: Linus Henze of Pinauten GmbH (pinauten.de)

Kernel

Available for: iPhone 8 and later

Impact: An application may be able to execute arbitrary code with kernel privileges.

Description: The issue was addressed with improved bounds checks.

CVE-2022-32917: an anonymous researcher

Maps

Available for: iPhone 8 and later

Impact: An app may be able to read sensitive location information

Description: A logic issue was addressed with improved restrictions.

CVE-2022-32883: Ron Masas, breakpointhq.com

MediaLibrary

Available for: iPhone 8 and later

Impact: A user may be able to elevate privileges

Description: A memory corruption issue was addressed with improved input validation.

CVE-2022-32908: an anonymous researcher

Notifications

Available for: iPhone 8 and later

Impact: A user with physical access to a device may be able to access contacts from the lock screen

Description: A logic issue was addressed with improved state management.

CVE-2022-32879: Ubeydullah Sümer

Entry added October 27, 2022

Photos

Available for: iPhone 8 and later

Impact: An app may be able to bypass Privacy preferences

Description: This issue was addressed with improved data protection.

CVE-2022-32918: Ashwani Rajput of Nagarro Software Pvt. Ltd, Srijan Shivam Mishra of The Hack Report, Jugal Goradia of Aastha Technologies, Evan Ricafort (evanricafort.com) of Invalid Web Security, Shesha Sai C (linkedin.com/in/shesha-sai-c-18585b125), Amod Raghunath Patwardhan of Pune, India

Entry added October 27, 2022, updated March 16, 2023

Safari

Available for: iPhone 8 and later

Impact: Visiting a malicious website may lead to address bar spoofing

Description: This issue was addressed with improved checks.

CVE-2022-32795: Narendra Bhati of Suma Soft Pvt. Ltd. Pune (India) @imnarendrabhati

Safari Extensions

Available for: iPhone 8 and later

Impact: A website may be able to track users through Safari web extensions

Description: A logic issue was addressed with improved state management.

WebKit Bugzilla: 242278

CVE-2022-32868: Michael

Sandbox

Available for: iPhone 8 and later

Impact: An app may be able to modify protected parts of the file system

Description: A logic issue was addressed with improved restrictions.

CVE-2022-32881: Csaba Fitzl (@theevilbit) of Offensive Security

Entry added October 27, 2022

Security

Available for: iPhone 8 and later

Impact: An app may be able to bypass code signing checks

Description: An issue in code signature validation was addressed with improved checks.

CVE-2022-42793: Linus Henze of Pinauten GmbH (pinauten.de)

Entry added October 27, 2022

Shortcuts

Available for: iPhone 8 and later

Impact: A person with physical access to an iOS device may be able to access photos from the lock screen

Description: A logic issue was addressed with improved restrictions.

CVE-2022-32872: Elite Tech Guru

Sidecar

Available for: iPhone 8 and later

Impact: A user may be able to view restricted content from the lock screen

Description: A logic issue was addressed with improved state management.

CVE-2022-42790: Om kothawade of Zaprico Digital

Entry added October 27, 2022

Siri

Available for: iPhone 8 and later

Impact: A person with physical access to a device may be able to use Siri to access private calendar information

Description: A logic issue was addressed with improved restrictions.

CVE-2022-32871: Amit Prajapat of Payatu Security Consulting Private Limited

Entry added March 16, 2023

Siri

Available for: iPhone 8 and later

Impact: A user with physical access to a device may be able to use Siri to obtain some call history information

Description: A logic issue was addressed with improved state management.

CVE-2022-32870: Andrew Goldberg of The McCombs School of Business, The University of Texas at Austin (linkedin.com/andrew-goldberg-/)

Entry added October 27, 2022

Software Update

Available for: iPhone 8 and later

Impact: An app may be able to execute arbitrary code with kernel privileges

Description: A race condition was addressed with improved state handling.

CVE-2022-42791: Mickey Jin (@patch1t) of Trend Micro

Entry added November 9, 2022

SQLite

Available for: iPhone 8 and later

Impact: A remote user may be able to cause a denial-of-service

Description: This issue was addressed with improved checks.

CVE-2021-36690

Entry added October 27, 2022

Time Zone

Available for: iPhone 8 and later

Impact: Deleted contacts may still appear in spotlight search results

Description: A logic issue was addressed with improved state management.

CVE-2022-32859

Entry added October 27, 2022

Watch app

Available for: iPhone 8 and later

Impact: An app may be able to read a persistent device identifier

Description: This issue was addressed with improved entitlements.

CVE-2022-32835: Guilherme Rambo of Best Buddy Apps (rambo.codes)

Entry added October 27, 2022

Weather

Available for: iPhone 8 and later

Impact: An app may be able to read sensitive location information

Description: A logic issue was addressed with improved state management.

CVE-2022-32875: an anonymous researcher

Entry added October 27, 2022

WebKit

Available for: iPhone 8 and later

Impact: An unauthorized user may be able to access browsing history

Description: An issue existed with the file paths used to store website data. The issue was resolved by improving how website data is stored.

CVE-2022-32833: Csaba Fitzl (@theevilbit) of Offensive Security, Jeff Johnson

Entry added November 9, 2022

WebKit

Available for: iPhone 8 and later

Impact: Processing maliciously crafted web content may lead to arbitrary code execution

Description: An out-of-bounds write issue was addressed with improved bounds checking.

WebKit Bugzilla: 242047

CVE-2022-32888: P1umer (@p1umer)

Entry added October 27, 2022

WebKit

Available for: iPhone 8 and later

Impact: Visiting a website that frames malicious content may lead to UI spoofing

Description: The issue was addressed with improved UI handling.

WebKit Bugzilla: 243236

CVE-2022-32891: @real_as3617, and an anonymous researcher

Entry added October 27, 2022

WebKit

Available for: iPhone 8 and later

Impact: Processing maliciously crafted web content may lead to arbitrary code execution

Description: A buffer overflow issue was addressed with improved memory handling.

WebKit Bugzilla: 241969

CVE-2022-32886: P1umer, afang5472, xmzyshypnc

WebKit

Available for: iPhone 8 and later

Impact: Processing maliciously crafted web content may lead to arbitrary code execution

Description: An out-of-bounds read was addressed with improved bounds checking.

WebKit Bugzilla: 242762

CVE-2022-32912: Jeonghoon Shin (@singi21a) at Theori working with Trend Micro Zero Day Initiative

WebKit Sandboxing

Available for: iPhone 8 and later

Impact: A sandboxed process may be able to circumvent sandbox restrictions

Description: An access issue was addressed with improvements to the sandbox.

WebKit Bugzilla: 243181

CVE-2022-32892: @18楼梦想改造家 and @jq0904 of DBAppSecurity's WeBin lab

Entry added October 27, 2022

Wi-Fi

Available for: iPhone 8 and later

Impact: An app may be able to execute arbitrary code with kernel privileges

Description: A memory corruption issue was addressed with improved state management.

CVE-2022-46709: Wang Yu of Cyberserval

Entry added March 16, 2023

Wi-Fi

Available for: iPhone 8 and later

Impact: An app may be able to cause unexpected system termination or write kernel memory

Description: An out-of-bounds write issue was addressed with improved bounds checking.

CVE-2022-32925: Wang Yu of Cyberserval

Entry added October 27, 2022

Additional recognition

AirDrop

We would like to acknowledge Alexander Heinrich, Milan Stute, and Christian Weinert of Technical University of Darmstadt for their assistance.

Entry added October 27, 2022

AppleCredentialManager

We would like to acknowledge @jonathandata1 for their assistance.

Entry added October 27, 2022

Calendar UI

We would like to acknowledge Abhay Kailasia (@abhay_kailasia) of Lakshmi Narain College Of Technology Bhopal for their assistance.

Entry added October 27, 2022

CoreGraphics

We would like to acknowledge Simon de Vegt for their assistance.

Entry added November 9, 2022

FaceTime

We would like to acknowledge an anonymous researcher for their assistance.

Entry added October 27, 2022

Find My

We would like to acknowledge an anonymous researcher for their assistance.

Entry added October 27, 2022

Game Center

We would like to acknowledge Joshua Jones for their assistance.

iCloud

We would like to acknowledge Bülent Aytulun, and an anonymous researcher for their assistance.

Entry added October 27, 2022

Identity Services

We would like to acknowledge Joshua Jones for their assistance.

Kernel

We would like to acknowledge Pan ZhenPeng(@Peterpan0927), Tingting Yin of Tsinghua University, and Min Zheng of Ant Group, and an anonymous researcher for their assistance.

Entry added October 27, 2022

Mail

We would like to acknowledge an anonymous researcher for their assistance.

Entry added October 27, 2022

Notes

We would like to acknowledge Edward Riley of Iron Cloud Limited (ironclouduk.com) for their assistance.

Entry added October 27, 2022

Photo Booth

We would like to acknowledge Prashanth Kannan of Dremio for their assistance.

Entry added October 27, 2022

Safari

We would like to acknowledge Scott Hatfield of Sub-Zero Group for their assistance.

Entry added March 16, 2023

Sandbox

We would like to acknowledge Csaba Fitzl (@theevilbit) of Offensive Security for their assistance.

Entry added October 27, 2022

Shortcuts

We would like to acknowledge Shay Dror for their assistance.

Entry added October 27, 2022

SOS

We would like to acknowledge Xianfeng Lu and Lei Ai of OPPO Amber Security Lab for their assistance.

Entry added October 27, 2022

UIKit

We would like to acknowledge Aleczander Ewing, Simon de Vegt, and an anonymous researcher for their assistance.

Entry added October 27, 2022

WebKit

We would like to acknowledge an anonymous researcher for their assistance.

Entry added October 27, 2022

WebRTC

We would like to acknowledge an anonymous researcher for their assistance.

Entry added October 27, 2022

Information about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. Contact the vendor for additional information.

Data di pubblicazione: