iOS 16.1 for iPhone

About the security content of iOS 16.1 and iPadOS 16

The vulnerabilities fixed in iOS 16.1 and iPadOS 16 are detailed here.

About Apple security updates

When a security issue is discovered, Apple investigates it before discussing it publicly or releasing a fix for it. The most recent releases are listed on Apple’s security updates page.

When possible, Apple’s security documentation will refer to vulnerabilities by their CVE-IDs.

Visit Apple’s Product Security website for further details.

iOS 16.1 and iPadOS 16

Released October 24, 2022

Apple Neural Engine

Compatible with the iPhone 8 and later, all models of the iPad Pro, the iPad Air 3 and later, the iPad 5 and later, and the iPad mini 5 and later.

Consequences: A programme might be able to run arbitrary code with root access.

Memory management enhancements were implemented to fix this issue.

Mohamed Ghannam (@simo36) reported vulnerability CVE-2022-32932.

AppleMobileFileIntegrity

Compatible with the iPhone 8 and later, all models of the iPad Pro, the iPad Air 3 and later, the iPad 5 and later, and the iPad mini 5 and later.

Potential repercussions: A programme could alter otherwise secure areas of the file system.

The problem was fixed by eliminating some privileges.

Impact: Parsing a maliciously engineered audio file may expose user data.

Memory management enhancements were implemented to fix this issue.

Anonymous contributors to the Trend Micro Zero Day Initiative have disclosed CVE-2022-42798.

AVEVideoEncoder

Compatible with the iPhone 8 and later, all models of the iPad Pro, the iPad Air 3 and later, the iPad 5 and later, and the iPad mini 5 and later.

Consequences: A programme might be able to run arbitrary code with root access.

Better bounds checks were implemented to fix the bug.

ABC Research s.r.o., CVE-2022-32940.

Backup

Compatible with the iPhone 8 and later, all models of the iPad Pro, the iPad Air 3 and later, the iPad 5 and later, and the iPad mini 5 and later.

Consequence: An application may gain access to iCloud backups.

An issue with permissions was fixed by adding new controls.

Offensive Security’s Csaba Fitzl (@theevilbit) discovered CVE-2022-32929.

CFNetwork

Compatible with the iPhone 8 and later, all models of the iPad Pro, the iPad Air 3 and later, the iPad 5 and later, and the iPad mini 5 and later.

Effect: Processing a specially constructed certificate could result in the execution of arbitrary code.

A certificate validation issue in WKWebView was fixed by enhancing the validation process.

Jonathan Zhang of Open Computing Facility (ocf.berkeley.edu) discovered CVE-2022-42813.

Core Bluetooth

Compatible with the iPhone 8 and later, all models of the iPad Pro, the iPad Air 3 and later, the iPad 5 and later, and the iPad mini 5 and later.

A set of wireless AirPods connected to a smartphone might be used to record sounds.

The problem was fixed with better entitlements.

Guilherme Rambo of Best Buddy Apps (rambo.codes) reported CVE-2022-32946.

FaceTime

Compatible with the iPhone 8 and later, all models of the iPad Pro, the iPad Air 3 and later, the iPad 5 and later, and the iPad mini 5 and later.

Impact: Restricted content might be accessible even when the screen is locked.

Improved state management was used to fix a problem with the lock screen.

Bistrit Dahal, CVE-2022-32935

GPU Drivers

Compatible with the iPhone 8 and later, all models of the iPad Pro, the iPad Air 3 and later, the iPad 5 and later, and the iPad mini 5 and later.

Consequences: A programme might be able to run arbitrary code with root access.

Memory management enhancements were implemented to fix this issue.

Lina Asahi (@LinaAsahi) discovered CVE-2020-32947.

Graphics Driver

Compatible with the iPhone 8 and later, all models of the iPad Pro, the iPad Air 3 and later, the iPad 5 and later, and the iPad mini 5 and later.

Consequences: A programme might be able to run arbitrary code with root access.

Better bounds checks were implemented to fix the bug.

Willy R. Vasquez of UT-Austin discovered vulnerability CVE-2022-32939.

IOHIDFamily

Compatible with the iPhone 8 and later, all models of the iPad Pro, the iPad Air 3 and later, the iPad 5 and later, and the iPad mini 5 and later.

Potential impact: An app can force the termination of another app or the execution of arbitrary code.

A memory corruption problem was fixed with better state management.

Peter Pan ZhenPeng of STAR Labs reported CVE-2022-42820.

IOKit

Compatible with the iPhone 8 and later, all models of the iPad Pro, the iPad Air 3 and later, the iPad 5 and later, and the iPad mini 5 and later.

Impact: Malicious software could gain full kernel access and execute arbitrary code.

A race condition was fixed with improved locking.

Tingting Yin of Tsinghua University discovered CVE-2022-42806.

Kernel

Compatible with the iPhone 8 and later, all models of the iPad Pro, the iPad Air 3 and later, the iPad 5 and later, and the iPad mini 5 and later.

Impact: Malicious software could gain full kernel access and execute arbitrary code.

A memory corruption problem was fixed with better state management.

Tim Michaud (@TimGMichaud) of the AI company Moveworks has disclosed a critical vulnerability (CVE-2022-32944).

Kernel

Compatible with the iPhone 8 and later, all models of the iPad Pro, the iPad Air 3 and later, the iPad 5 and later, and the iPad mini 5 and later.

Impact: Malicious software could gain full kernel access and execute arbitrary code.

A race condition was fixed with improved locking.

Xinru Chi of Pangu Lab and John Aakerblom (@jaakerblom) discovered CVE-2022-42803.

Kernel

Compatible with the iPhone 8 and later, all models of the iPad Pro, the iPad Air 3 and later, the iPad 5 and later, and the iPad mini 5 and later.

Impact: A root-level programme could potentially run arbitrary code with kernel permissions.

Better bounds checks were implemented to fix the bug.

Tim Michaud (@TimGMichaud), the founder of Moveworks.ai, has disclosed CVE-2022-32926.

Kernel

Compatible with the iPhone 8 and later, all models of the iPad Pro, the iPad Air 3 and later, the iPad 5 and later, and the iPad mini 5 and later.

Impact: Malicious software could gain full kernel access and execute arbitrary code.

Better checks were implemented to fix a logical flaw.

Ian Beer of Google’s Project Zero discovered CVE-2022-42801.

Kernel

Compatible with the iPhone 8 and later, all models of the iPad Pro, the iPad Air 3 and later, the iPad 5 and later, and the iPad mini 5 and later.

Impact: Malicious software could gain full kernel access and execute arbitrary code.

Memory management enhancements were implemented to fix this issue.

Ian Beer of Google’s Project Zero identified critical vulnerability CVE-2022-32924.

Kernel

Compatible with the iPhone 8 and later, all models of the iPad Pro, the iPad Air 3 and later, the iPad 5 and later, and the iPad mini 5 and later.

Consequence: A remote user could potentially execute kernel code.

An out-of-bounds write was fixed with enhanced bounds checking.

Zweig of Kunlun Lab discovered CVE-2020-42808.

Kernel

Compatible with the iPhone 8 and later, all models of the iPad Pro, the iPad Air 3 and later, the iPad 5 and later, and the iPad mini 5 and later.

Impact: An app could gain access to the kernel and run code with root permissions. Apple has been made aware of speculation that this vulnerability has been exploited in the wild.

An out-of-bounds write was fixed with enhanced bounds checking.

An unidentified researcher reported CVE-2022-42827.

Model I/O

Compatible with the iPhone 8 and later, all models of the iPad Pro, the iPad Air 3 and later, the iPad 5 and later, and the iPad mini 5 and later.

Implication: Opening a specially designed USD file could lead to the disclosure of sensitive memory contents.

Memory management enhancements were implemented to fix this issue.

Ant Security Light-Year Lab’s Xingwei Lin (@xwlin Roy) and Yinyi Wu discovered CVE-2022-42810.

PPP

Compatible with the iPhone 8 and later, all models of the iPad Pro, the iPad Air 3 and later, the iPad 5 and later, and the iPad mini 5 and later.

Implication: Buffer overflows can lead to the execution of arbitrary code.

Better bounds checks were implemented to fix the bug.

An unknown researcher discovered CVE-2022-32941.

PPP

Compatible with the iPhone 8 and later, all models of the iPad Pro, the iPad Air 3 and later, the iPad 5 and later, and the iPad mini 5 and later.

Impact: A root-level programme could potentially run arbitrary code with kernel permissions.

A use-after-free issue was fixed with improved memory management.

An unknown researcher discovered CVE-2022-42829.

PPP

Compatible with the iPhone 8 and later, all models of the iPad Pro, the iPad Air 3 and later, the iPad 5 and later, and the iPad mini 5 and later.

Impact: A root-level programme could potentially run arbitrary code with kernel permissions.

Memory management enhancements were implemented to fix this issue.

An unknown researcher reported CVE-2022-42830.

PPP

Compatible with the iPhone 8 and later, all models of the iPad Pro, the iPad Air 3 and later, the iPad 5 and later, and the iPad mini 5 and later.

Impact: A root-level programme could potentially run arbitrary code with kernel permissions.

A race condition was fixed with improved locking.

An unknown researcher reported CVE-2022-42831.

An unknown researcher discovered CVE-2022-42832.

Safari

Compatible with the iPhone 8 and later, all models of the iPad Pro, the iPad Air 3 and later, the iPad 5 and later, and the iPad mini 5 and later.

Consequences: Personal information could be compromised if you visit a rogue website.

Description: Better state management was implemented to fix a logical flaw.

Researchers: Chris Kanich, Associate Professor at the University of Illinois at Chicago; Mir Masood Ali, PhD student at the University of Illinois at Chicago; Binoy Chitale, MS student at Stony Brook University; Mohammad Ghasemisharif, PhD Candidate at the University of Illinois at Chicago.

Sandbox

Compatible with the iPhone 8 and later, all models of the iPad Pro, the iPad Air 3 and later, the iPad 5 and later, and the iPad mini 5 and later.

Consequences: A malicious programme could gain access to private information.

Additional sandbox constraints were implemented to solve an access problem.

Snowflake’s Justin Bui (@slyd0g) discovered CVE-2022-42811.

Shortcuts

Compatible with the iPhone 8 and later, all models of the iPad Pro, the iPad Air 3 and later, the iPad 5 and later, and the iPad mini 5 and later.

Implication: A shortcut might be able to check whether an arbitrary path exists on the file system.

Extensive changes were made to the path validation system to fix a parsing issue with the handling of directory paths.

Cristian Dinca of Tudor Vianu National High School of Computer Science, Romania, discovered CVE-2022-32938.

WebKit

Compatible with the iPhone 8 and later, all models of the iPad Pro, the iPad Air 3 and later, the iPad 5 and later, and the iPad mini 5 and later.

Negative effects: Visiting a malicious website could lead to user interface spoofing.

Enhanced user interface handling was implemented to fix the problem.

WebKit

Compatible with the iPhone 8 and later, all models of the iPad Pro, the iPad Air 3 and later, the iPad 5 and later, and the iPad mini 5 and later.

Effect: Processing specially prepared web content could result in the execution of arbitrary code.

A type confusion problem was fixed by changing the way memory is handled.

WebKit

Compatible with the iPhone 8 and later, all models of the iPad Pro, the iPad Air 3 and later, the iPad 5 and later, and the iPad mini 5 and later.

Result: Processing maliciously crafted web content could leak private user data.

Description: Better state management was implemented to fix a logical flaw.

WebKit PDF

Compatible with the iPhone 8 and later, all models of the iPad Pro, the iPad Air 3 and later, the iPad 5 and later, and the iPad mini 5 and later.

Effect: Processing specially prepared web content could result in the execution of arbitrary code.

A use-after-free issue was fixed with improved memory management.

WebKit

Compatible with the iPhone 8 and later, all models of the iPad Pro, the iPad Air 3 and later, the iPad 5 and later, and the iPad mini 5 and later.

Impact: An app that processes maliciously designed web content may reveal private information about itself.

A correctness bug in the JIT was fixed with more stringent validation.

Wi-Fi

Compatible with the iPhone 8 and later, all models of the iPad Pro, the iPad Air 3 and later, the iPad 5 and later, and the iPad mini 5 and later.

Impact: Joining a rogue Wi-Fi network could crash the Settings app.

Memory management enhancements were implemented to fix this issue.

Dr Hideaki Goto of Tohoku University, Japan, discovered CVE-2020-32927.

zlib

Compatible with the iPhone 8 and later, all models of the iPad Pro, the iPad Air 3 and later, the iPad 5 and later, and the iPad mini 5 and later.

Impact: A user could potentially trigger a crash or even execute arbitrary code in a programme.

More stringent checks were implemented to fix the problem.

Evgeny Legerov, CVE-2022-37434

Evgeny Legerov, CVE-2022-42800
