Operation on a Resource after Expiration or Release

CVE-2022-42838

Low

3.3/10

Summary

An issue with app access to camera data was addressed with improved logic. This issue is fixed in macOS Ventura 13. A camera extension may be able to continue receiving video after the app which activated was closed.

Attack Complexity: LOW
Attack Vector: LOCAL
Integrity Impact: NONE
Scope: UNCHANGED
User Interaction: NONE
Privileges Required: LOW
Confidentiality Impact: LOW
Availability Impact: NONE

CWE-672 - Operation on a Resource after Expiration or Release

The software uses, accesses, or otherwise operates on a resource after that resource has been expired, released, or revoked.

References

Advisory Timeline

Published Feb 27, 2023

Operation on a Resource after Expiration or Release

CVE-2022-42838

Summary

CWE-672 - Operation on a Resource after Expiration or Release

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS