| | 1 | + |  |
| | 2 | + | |
| | 3 | + | ## Two security patch for libxml2 on macOS Ventura 13.0.1, iOS 16.1.1 and iPadOS 16.1.1 |
| | 4 | + | read more on [cra.sh](https://cra.sh/cve-2022-40303-4) |
| | 5 | + | |
| | 6 | + | **libxml2** |
| | 7 | + | |
| | 8 | + | Available for: macOS Ventura, iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later |
| | 9 | + | |
| | 10 | + | Impact: A remote user may be able to cause unexpected app termination or arbitrary code execution |
| | 11 | + | |
| | 12 | + | Description: An integer overflow was addressed through improved input validation. |
| | 13 | + | |
| | 14 | + | CVE-2022-40303: Maddie Stone of Google Project Zero |
| | 15 | + | |
| | 16 | + | [poc_40303.sh](poc_40303.sh) |
| | 17 | + | |
| | 18 | + | **libxml2** |
| | 19 | + | |
| | 20 | + | Available for: macOS Ventura, iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later |
| | 21 | + | |
| | 22 | + | Impact: A remote user may be able to cause unexpected app termination or arbitrary code execution |
| | 23 | + | |
| | 24 | + | Description: This issue was addressed with improved checks. |
| | 25 | + | |
| | 26 | + | CVE-2022-40304: Ned Williamson and Nathan Wachholz of Google Project Zero |
| | 27 | + | |
| | 28 | + | [poc_40304.md](poc_40304.md) |
Charlie Root
committed
1 year ago
1 parent e91351c4