AppleがiPhoneなど向けiOS 15.5とiPadOS 15.5をリリース!

Appleは16日(現地時間)、iPhoneおよびiPod touch向けプラットフォーム「iOS」とiPad向けプラットフォーム「iPadOS」の最新バージョン「iOS 15.5(19F77)」および「iPadOS 15.5(19F77)」を提供開始したとお知らせしています。

対象機種はiOS 15およびiPadOS 15の対象機種である最新の「iPhone SE(第3世代)」や「iPhone 13」シリーズ、「iPad Air(第5世代)」を含むiPhone 6s以降およびiPod touch(第7世代)、iPad(第5世代)・iPad Air 2・iPad mini 4・iPad Pro以降の各製品にて無料で更新可能です。

変更点は「Apple Podcast」アプリやその他の機能が強化されているほか、様々な不具合の改善やセキュリティーの修正が行われており、脆弱性では「CVE-2022-26702」や「CVE-2022-26751」、「CVE-2022-26736〜26740」、「CVE-2022-26763」、「CVE-2022-26744」、「CVE-2022-26711」などの27項目の修正が行われています。

その他、スマートウォッチ「Apple Watch」向け「watchOS」の最新バージョン「watchOS 8.6(19T572)」やスマートテレビ「Apple TV」向け「tvOS」の最新バージョン「tvOS 15.5(19L570)、パソコン「Mac」向け「macOS」の最新バージョン「macOS 12.4(21F79)」なども提供開始されています。

02
iOS 15.5およびiPadOS 15.5における脆弱性修正の案内

iPhoneやiPod touch向けのiOS、iPad向けのiPadOSの最新メジャーバージョンとして昨年9月に提供開始されたiOS 15およびiPadOS 15ですが、その後、各種の新機能が追加されたiOS 15.1・iPadOS 15.1およびiOS 15.2・iPadOS 15.2、iOS 15.3・iPadOS 15.3、iOS 15.4・iPadOS 15.4が提供開始されてきました。

今回、さらにApple Podcastsアプリなどの強化のほか、不具合や脆弱性の修正が行われたiOS 15.5・iPadOS 15.5が提供開始されました。更新は従来通り各製品本体のみでOTA(On-The-Air)によりダウンロードで行え、方法としては、「設定」→「一般」→「ソフトウェア・アップデート」から行えます。

またiTunesをインストールしたWindowsおよびMacとUSB-Lightningケーブルで接続しても実施できます。なお、単体でアップデートする場合のダウンロードサイズは手持ちのiPhone 13 Pro MaxでiOS 15.4.1からだと672.9MBとなっています。Appleが案内しているアップデートの内容およびセキュリティーコンテンツの修正は以下の通り。

iOS 15.5
iOS 15.5には、Apple Podcastやその他機能の強化、およびバグ修正が含まれます。

iOS 15.5には、以下の機能改善とバグ修正が含まれます:
・Apple PodcastにiPhoneに保存するエピソードの数を制限して、古いエピソードを自動的に削除する新しい設定を追加
・ホームのメンバーが到着/出発したときにホームオートメーションが作動しない場合がある問題を修正
一部の機能は、地域やAppleデバイスによっては使用できない場合があります。Appleソフトウェア・アップデートのセキュリティコンテンツについては、以下のWebサイトをご覧ください:
https://support.apple.com/ja-jp/HT201222

iPadOS 15.5
iPadOS 15.5には、Apple Podcastやその他機能の強化、およびバグ修正が含まれます。

iPadOS 15.5には、以下の機能改善とバグ修正が含まれます:
・Apple PodcastにiPadに保存するエピソードの数を制限して、古いエピソードを自動的に削除する新しい設定を追加

一部の機能は、地域やAppleデバイスによっては使用できない場合があります。Appleソフトウェア・アップデートのセキュリティコンテンツについては、以下のWebサイトをご覧ください:
https://support.apple.com/ja-jp/HT201222

iOS 15.5 and iPadOS 15.5
Released May 16, 2022

・AppleAVD
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)
Impact: An application may be able to execute arbitrary code with kernel privileges
Description: A use after free issue was addressed with improved memory management.CVE-2022-26702: an anonymous researcher

・AppleGraphicsControl
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)
Impact: Processing a maliciously crafted image may lead to arbitrary code execution
Description: A memory corruption issue was addressed with improved input validation.CVE-2022-26751: Michael DePlante (@izobashi) of Trend Micro Zero Day Initiative

・AVEVideoEncoder
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)
Impact: An application may be able to execute arbitrary code with kernel privileges
Description: An out-of-bounds write issue was addressed with improved bounds checking.
CVE-2022-26736: an anonymous researcher
CVE-2022-26737: an anonymous researcher
CVE-2022-26738: an anonymous researcher
CVE-2022-26739: an anonymous researcher
CVE-2022-26740: an anonymous researcher

・DriverKit
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)
Impact: A malicious application may be able to execute arbitrary code with system privileges
Description: An out-of-bounds access issue was addressed with improved bounds checking.
CVE-2022-26763: Linus Henze of Pinauten GmbH (pinauten.de)

・GPU Drivers
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)
Impact: An application may be able to execute arbitrary code with kernel privileges
Description: A memory corruption issue was addressed with improved state management.
CVE-2022-26744: an anonymous researcher

・ImageIO
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)
Impact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution
Description: An integer overflow issue was addressed with improved input validation.
CVE-2022-26711: actae0n of Blacksun Hackers Club working with Trend Micro Zero Day Initiative

・IOKit
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)
Impact: An application may be able to execute arbitrary code with kernel privileges
Description: A race condition was addressed with improved locking.
CVE-2022-26701: chenyuwang (@mzzzz__) of Tencent Security Xuanwu Lab

・IOMobileFrameBuffer
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)
Impact: An application may be able to execute arbitrary code with kernel privileges
Description: A memory corruption issue was addressed with improved state management.
CVE-2022-26768: an anonymous researcher

・IOSurfaceAccelerator
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)
Impact: A malicious application may be able to execute arbitrary code with kernel privileges
Description: A memory corruption issue was addressed with improved state management.
CVE-2022-26771: an anonymous researcher

・Kernel
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)
Impact: An application may be able to execute arbitrary code with kernel privileges
Description: A memory corruption issue was addressed with improved validation.
CVE-2022-26714: Peter Nguyễn Vũ Hoàng (@peternguyen14) of STAR Labs (@starlabs_sg)

・Kernel
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)
Impact: An application may be able to execute arbitrary code with kernel privileges
Description: A use after free issue was addressed with improved memory management.
CVE-2022-26757: Ned Williamson of Google Project Zero

・Kernel
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)
Impact: An attacker that has already achieved kernel code execution may be able to bypass kernel memory mitigations
Description: A memory corruption issue was addressed with improved validation.
CVE-2022-26764: Linus Henze of Pinauten GmbH (pinauten.de)

・Kernel
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)
Impact: A malicious attacker with arbitrary read and write capability may be able to bypass Pointer Authentication
Description: A race condition was addressed with improved state handling.
CVE-2022-26765: Linus Henze of Pinauten GmbH (pinauten.de)

・LaunchServices
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)
Impact: A sandboxed process may be able to circumvent sandbox restrictions
Description: An access issue was addressed with additional sandbox restrictions on third-party applications.
CVE-2022-26706: Arsenii Kostromin (0x3c3e)

・libxml2
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)
Impact: A remote attacker may be able to cause unexpected application termination or arbitrary code execution
Description: A use after free issue was addressed with improved memory management.
CVE-2022-23308

・Notes
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)
Impact: Processing a large input may lead to a denial of service
Description: This issue was addressed with improved checks.
CVE-2022-22673: Abhay Kailasia (@abhay_kailasia) of Lakshmi Narain College Of Technology Bhopal

・Safari Private Browsing
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)
Impact: A malicious website may be able to track users in Safari private browsing mode
Description: A logic issue was addressed with improved state management.
CVE-2022-26731: an anonymous researcher

・Security
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)
Impact: A malicious app may be able to bypass signature validation
Description: A certificate parsing issue was addressed with improved checks.
CVE-2022-26766: Linus Henze of Pinauten GmbH (pinauten.de)

・Shortcuts
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)
Impact: A person with physical access to an iOS device may be able to access photos from the lock screen
Description: An authorization issue was addressed with improved state management.
CVE-2022-26703: Salman Syed (@slmnsd551)

・WebKit
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)
Impact: Processing maliciously crafted web content may lead to code execution
Description: A memory corruption issue was addressed with improved state management.
WebKit Bugzilla: 238178
CVE-2022-26700: ryuzaki

・WebKit
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)
Impact: Processing maliciously crafted web content may lead to arbitrary code execution
Description: A use after free issue was addressed with improved memory management.
WebKit Bugzilla: 236950
CVE-2022-26709: Chijin Zhou of ShuiMuYuLin Ltd and Tsinghua wingtecher lab
WebKit Bugzilla: 237475
CVE-2022-26710: Chijin Zhou of ShuiMuYuLin Ltd and Tsinghua wingtecher lab
WebKit Bugzilla: 238171
CVE-2022-26717: Jeonghoon Shin of Theori

・WebKit
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)
Impact: Processing maliciously crafted web content may lead to arbitrary code execution
Description: A memory corruption issue was addressed with improved state management.
WebKit Bugzilla: 238183
CVE-2022-26716: SorryMybad (@S0rryMybad) of Kunlun Lab
WebKit Bugzilla: 238699
CVE-2022-26719: Dongzhuo Zhao working with ADLab of Venustech

・WebRTC
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)
Impact: Video self-preview in a webRTC call may be interrupted if the user answers a phone call
Description: A logic issue in the handling of concurrent media was addressed with improved state handling.
WebKit Bugzilla: 237524
CVE-2022-22677: an anonymous researcher

・Wi-Fi
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)
Impact: A malicious application may disclose restricted memory
Description: A memory corruption issue was addressed with improved validation.
CVE-2022-26745: an anonymous researcher

・Wi-Fi
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)
Impact: A malicious application may be able to elevate privileges
Description: A memory corruption issue was addressed with improved state management.
CVE-2022-26760: 08Tc3wBB of ZecOps Mobile EDR Team

・Wi-Fi
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)
Impact: A remote attacker may be able to cause a denial of service
Description: This issue was addressed with improved checks.
CVE-2015-4142: Kostya Kortchinsky of Google Security Team

・Wi-Fi
Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation)
Impact: A malicious application may be able to execute arbitrary code with system privileges
Description: A memory corruption issue was addressed with improved memory handling.
CVE-2022-26762: Wang Yu of Cyberserval














記事執筆:memn0ck


■関連リンク
エスマックス(S-MAX)
エスマックス(S-MAX) smaxjp on Twitter
S-MAX - Facebookページ
iOS 15 関連記事一覧 - S-MAX
iPadOS 15 関連記事一覧 - S-MAX
iOS 15 のアップデートについて - Apple サポート (日本)
iPadOS 15 のアップデートについて - Apple サポート (日本)
iOS 15.5 および iPadOS 15.5 のセキュリティコンテンツについて - Apple サポート (日本)
Apple セキュリティアップデート - Apple サポート