CVE-2022-22657

HIGH

Logic Pro <10.7.3, GarageBand <10.4.6, macOS Monterey <12.3 - Memor...

Title source: llm

Description

A memory initialization issue was addressed with improved memory handling. This issue is fixed in Logic Pro 10.7.3, GarageBand 10.4.6, macOS Monterey 12.3. Opening a maliciously crafted file may lead to unexpected application termination or arbitrary code execution.

References (3)

[Vendor Advisory] https://support.apple.com/en-us/HT213183

[Vendor Advisory] https://support.apple.com/en-us/HT213190

[Vendor Advisory] https://support.apple.com/en-us/HT213191

Scores

CVSS v3 7.8

EPSS 0.0050

EPSS Percentile 66.2%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CWE

CWE-665

Status published

Products (3)

apple/garageband < 10.4.6

apple/logic_pro_x < 10.7.3

apple/macos < 12.3

Published Mar 18, 2022

Tracked Since Feb 18, 2026