Apple iOS and macOS Out-of-Bounds Write Vulnerability Allowing Arbitrary Code Execution with Kernel Privileges

A vulnerability exists in Apple iOS and macOS that involves an out-of-bounds write issue. This vulnerability has been addressed in iOS 15.6.1, iPadOS 15.6.1, and macOS Monterey 12.5.1. The issue allows an application to execute arbitrary code with kernel privileges. Apple is aware of reports suggesting that this vulnerability may have been actively exploited.

Impact

Exploitation of this vulnerability could lead to arbitrary code execution with kernel privileges.

Remediation

Users can update to iOS 15.6.1, iPadOS 15.6.1, or macOS Monterey 12.5.1. Instructions for updating iOS and iPadOS are available on the Apple Support website. macOS Big Sur 11.7 may be obtained from the Mac App Store or Apple's Software Downloads website. For watchOS 9, instructions are available on the Apple Support website.