CVE-2020-10016

Опубликовано: 08 дек. 2020

Источник: nvd

CVSS3: 7.8

CVSS2: 9.3

EPSS Низкий

Описание

A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.0.1, iOS 14.2 and iPadOS 14.2, tvOS 14.2, watchOS 7.1. An application may be able to execute arbitrary code with kernel privileges.

Ссылки

http://seclists.org/fulldisclosure/2020/Dec/26
Mailing List
Third Party Advisory
http://seclists.org/fulldisclosure/2020/Dec/32
Mailing List
Third Party Advisory
https://support.apple.com/en-us/HT211928
Release Notes
Vendor Advisory
https://support.apple.com/en-us/HT211929
Release Notes
Vendor Advisory
https://support.apple.com/en-us/HT211930
Release Notes
Vendor Advisory
https://support.apple.com/en-us/HT211931
Release Notes
Vendor Advisory
https://support.apple.com/kb/HT212011
Vendor Advisory
http://seclists.org/fulldisclosure/2020/Dec/26
Mailing List
Third Party Advisory
http://seclists.org/fulldisclosure/2020/Dec/32
Mailing List
Third Party Advisory
https://support.apple.com/en-us/HT211928
Release Notes
Vendor Advisory
https://support.apple.com/en-us/HT211929
Release Notes
Vendor Advisory
https://support.apple.com/en-us/HT211930
Release Notes
Vendor Advisory
https://support.apple.com/en-us/HT211931
Release Notes
Vendor Advisory
https://support.apple.com/kb/HT212011
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*

Версия до 14.2 (исключая)

cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*

Версия до 14.2 (исключая)

cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*

Версия от 10.14.0 (включая) до 10.14.6 (исключая)

cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*

Версия от 10.15 (включая) до 10.15.7 (исключая)

cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-001:*:*:*:*:*:*

cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-002:*:*:*:*:*:*

cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-004:*:*:*:*:*:*

cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-005:*:*:*:*:*:*

cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-006:*:*:*:*:*:*

cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2019-007:*:*:*:*:*:*

cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-001:*:*:*:*:*:*

cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-002:*:*:*:*:*:*

cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-003:*:*:*:*:*:*

cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-004:*:*:*:*:*:*

cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-005:*:*:*:*:*:*

cpe:2.3:o:apple:mac_os_x:10.14.6:security_update_2020-006:*:*:*:*:*:*

cpe:2.3:o:apple:mac_os_x:10.14.6:supplemental_update:*:*:*:*:*:*

cpe:2.3:o:apple:mac_os_x:10.14.6:supplemental_update_2:*:*:*:*:*:*

cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020:*:*:*:*:*:*

cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*

Версия от 11.0 (включая) до 11.1 (исключая)

cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*

Версия до 14.2 (исключая)

cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*

Версия до 7.1 (исключая)

EPSS

Процентиль: 68%

0.00564

Низкий

7.8 High

CVSS3

9.3 Critical

CVSS2

Дефекты

CWE-787

Связанные уязвимости

GHSA-j5cx-chhx-m9h2

CVSS3: 7.8

github

больше 3 лет назад

EPSS

Процентиль: 68%

0.00564

Низкий

7.8 High

CVSS3

9.3 Critical

CVSS2

Дефекты

CWE-787