CVE-2022-22674: 
macOS vulnerability analysis and mitigation

CVE-2022-22674 is an out-of-bounds read vulnerability discovered in Apple's macOS operating system that leads to the disclosure of kernel memory. The vulnerability was fixed in macOS Monterey 12.3.1, Security Update 2022-004 Catalina, and macOS Big Sur 11.6.6, released on March 31, 2022. The vulnerability affects multiple versions of macOS including Monterey, Big Sur, and Catalina (Apple Support).

The vulnerability is classified as an out-of-bounds read issue (CWE-125) in the Intel Graphics Driver component that could lead to the disclosure of kernel memory. It received a CVSS v3.1 base score of 5.5 (Medium) with the vector string CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N, indicating local access required with low attack complexity (NVD).

The vulnerability allows a local user to read kernel memory, potentially exposing sensitive system information. This could lead to information disclosure that might be used to further compromise the system (Apple Support).

Apple addressed this vulnerability with improved input validation in updates released on March 31, 2022. Users should update to macOS Monterey 12.3.1, Security Update 2022-004 Catalina, or macOS Big Sur 11.6.6, depending on their operating system version (Apple Support, Apple Support, Apple Support).