Key Information about tvOS 16 Vulnerabilities Release Date: September 12, 2022 Vulnerability Details Accelerate Framework - Impact: Processing maliciously crafted images may lead to arbitrary code execution - Description: Resolved memory consumption issue via improved memory handling - CVE: CVE-2022-42795 AppleAVD - Impact: Applications may be able to execute arbitrary code with kernel privileges - Description: Issue resolved via improved checks - CVE: CVE-2022-32907 GPU Driver - Impact: Applications may be able to execute arbitrary code with kernel privileges - Description: Use-after-free issue resolved via improved memory management - CVE: CVE-2022-32903 ImageIO - Impact: Processing images may lead to denial of service - Description: Denial of service issue resolved via improved validation - CVE: CVE-2022-1622 Image Processing - Impact: Sandboxed applications may be able to determine which application is currently using the camera - Description: Issue resolved by limiting observability of application state - CVE: CVE-2022-32913 Image Processing - Impact: Applications may be able to execute arbitrary code with kernel privileges - Description: Issue resolved via improved checks - CVE: CVE-2022-32949 Kernel - Impact: Applications may be able to fill kernel memory - Description: Issue resolved via improved memory handling - CVE: CVE-2022-32864 Kernel - Impact: Applications may be able to execute arbitrary code with kernel privileges - Description: Issue resolved via improved memory handling - CVE: CVE-2022-32866 Kernel - Impact: Applications may be able to execute arbitrary code with kernel privileges - Description: Use-after-free issue resolved via improved memory management - CVE: CVE-2022-32911