CVE-2019-8547

Опубликовано: 27 окт. 2020

Источник: nvd

CVSS3: 9.8

CVSS2: 7.5

EPSS Низкий

Описание

An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue is fixed in macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra, watchOS 5.2, macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra, iOS 12.2. A remote attacker may be able to leak memory.

Ссылки

https://support.apple.com/en-us/HT209599
Vendor Advisory
https://support.apple.com/en-us/HT209600
Vendor Advisory
https://support.apple.com/en-us/HT209602
Vendor Advisory
https://support.apple.com/en-us/HT210119
Vendor Advisory
https://support.apple.com/en-us/HT209599
Vendor Advisory
https://support.apple.com/en-us/HT209600
Vendor Advisory
https://support.apple.com/en-us/HT209602
Vendor Advisory
https://support.apple.com/en-us/HT210119
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*

Версия до 12.2 (исключая)

cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*

Версия от 10.12.6 (включая) до 10.14.5 (исключая)

cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*

Версия до 5.2 (исключая)

Конфигурация 2

cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*

Версия от 10.14.3 (включая) до 10.14.4 (исключая)

EPSS

Процентиль: 77%

0.01002

Низкий

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

CWE-125

Связанные уязвимости

GHSA-v34h-4f6h-chj2

github

больше 3 лет назад