← Back

CVE-2020-9844

nvd nist
Published: Jun 9, 2020Modified: Nov 21, 2024

JSON object

Loading...
7.5
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Exploitability: 3.9 / Impact: 3.6
Source: NVD

Description

A double free issue was addressed with improved memory management. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5. A remote attacker may be able to cause unexpected system termination or corrupt kernel memory.

Affected (26)

Apple
3 products
Ipados
Iphone Os
Mac Os X
Configuration A
26 vulnerable
Vulnerable SoftwareAffected Versions
Ipados
Before 13.5
Iphone Os
Before 13.5
Apple
Mac Os X
From 10.13 to 10.13.6
Mac Os X
From 10.14 to 10.14.6
Mac Os X
From 10.15 to 10.15.5
Mac Os X
Version 10.13.6
Mac Os X
Version 10.13.6 security_update_2018-002
Mac Os X
Version 10.13.6 security_update_2018-003
Mac Os X
Version 10.13.6 security_update_2019-001
Mac Os X
Version 10.13.6 security_update_2019-002
Mac Os X
Version 10.13.6 security_update_2019-003
Mac Os X
Version 10.13.6 security_update_2019-004
Mac Os X
Version 10.13.6 security_update_2019-005
Mac Os X
Version 10.13.6 security_update_2019-006
Mac Os X
Version 10.13.6 security_update_2019-007
Mac Os X
Version 10.13.6 security_update_2020-001
Mac Os X
Version 10.13.6 security_update_2020-002
Mac Os X
Version 10.14.6
Mac Os X
Version 10.14.6 security_update_2019-001
Mac Os X
Version 10.14.6 security_update_2019-002
Mac Os X
Version 10.14.6 security_update_2019-004
Mac Os X
Version 10.14.6 security_update_2019-005
Mac Os X
Version 10.14.6 security_update_2019-006
Mac Os X
Version 10.14.6 security_update_2019-007
Mac Os X
Version 10.14.6 security_update_2020-001
Mac Os X
Version 10.14.6 security_update_2020-002

Related CWEs

CWE-415
Double Free
The product calls free() twice on the same memory address, potentially leading to modification of unexpected memory locations.

References (4)

Source: product-security@apple.com
Vendor Advisory
Source: product-security@apple.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.