CVE-2022-22611: Input Validation
ImageIO. An out-of-bounds read was addressed with improved input validation.
Other sources
An out-of-bounds read was addressed with improved input validation. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4, iTunes 12.12.3 for Windows, watchOS 8.5, macOS Monterey 12.3. Processing a maliciously crafted image may lead to arbitrary code execution.
Credit
Affected Software
Event History
Parent advisories
This vulnerability appears in the following advisories.
Peer vulnerabilities
Found alongside the following vulnerabilities.
- CVE-2022-22633
- CVE-2022-22666
- CVE-2022-22634
- CVE-2022-22635
- CVE-2022-22636
- CVE-2022-22611
- CVE-2022-22612
- CVE-2022-22641
- CVE-2022-22613
- CVE-2022-22614
- CVE-2022-22615
- CVE-2022-22632
- CVE-2022-22638
- CVE-2022-22640
- CVE-2022-21658
- CVE-2022-22670
- CVE-2022-22609
- CVE-2022-22600
- CVE-2022-22621
- CVE-2022-22662
- CVE-2022-22610
- CVE-2022-22624
- CVE-2022-22628
- CVE-2022-22629
- CVE-2022-22637
- CVE-2022-22596
- CVE-2021-30946
- CVE-2021-36976
- CVE-2022-22618
- CVE-2022-22654
- CVE-2022-22599
- CVE-2022-22669
- CVE-2022-22665
- CVE-2022-22630
- CVE-2022-22631
- CVE-2022-22625
- CVE-2022-22648
- CVE-2022-22626
- CVE-2022-22627
- CVE-2022-22597
- CVE-2022-22616
- CVE-2022-22663
- CVE-2022-26691
- CVE-2021-22946
- CVE-2021-22947
- CVE-2021-22945
- CVE-2022-22643
- CVE-2022-22657
- CVE-2022-22664
- CVE-2021-30977
- CVE-2022-46706
- CVE-2022-22661
- CVE-2022-22647
- CVE-2022-22656
- CVE-2022-22672
- CVE-2022-22644
- CVE-2022-26690
- CVE-2022-26688
- CVE-2022-22617
- CVE-2022-22650
- CVE-2022-22655
- CVE-2022-22651
- CVE-2022-22639
- CVE-2022-22660
- CVE-2021-4136
- CVE-2021-4166
- CVE-2021-4173
- CVE-2021-4187
- CVE-2021-4192
- CVE-2021-4193
- CVE-2021-46059
- CVE-2022-0128
- CVE-2022-0156
- CVE-2022-0158
- CVE-2021-30918
- CVE-2022-22668
- CVE-2022-22582
- CVE-2022-22652
- CVE-2022-22598
- CVE-2022-22642
- CVE-2022-22667
- CVE-2022-22653
- CVE-2022-22622
- CVE-2022-22659
- CVE-2022-22671
Frequently Asked Questions
What is CVE-2022-22611?
CVE-2022-22611 is a vulnerability in ImageIO that allows for an out-of-bounds read.
What is the severity of CVE-2022-22611?
The severity of CVE-2022-22611 is not specified.
Which software versions are affected by CVE-2022-22611?
iTunes for Windows version up to and including 12.12.3, watchOS version up to and including 8.5, iOS version up to and including 15.4, iPadOS version up to and including 15.4, tvOS version up to and including 15.4, and macOS Monterey version up to and including 12.3 are affected by CVE-2022-22611.
How can CVE-2022-22611 be fixed?
To fix CVE-2022-22611, update to the latest version of the affected software.
Where can I find more information about CVE-2022-22611?
You can find more information about CVE-2022-22611 at the following references: [Reference 1](https://support.apple.com/en-us/HT213186), [Reference 2](https://support.apple.com/en-us/HT213193), [Reference 3](https://support.apple.com/en-us/HT213188).