CVE-2019-6207Out-of-bounds Read in Apple Macos

CWE-125Out-of-bounds Read7 documents4 sources
Severity
5.5MEDIUMNVD
EPSS
0.7%
top 28.94%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
6
Apple IOSApple MacosApple Tvos+3 more
Timeline
PublishedDec 18
Latest updateMay 24

Description

An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A malicious application may be able to determine kernel memory layout.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NExploitability: 1.8 | Impact: 3.6

Affected Packages8 packages

CVEListV5apple/tvosunspecifiedtvOS 12.2
NVDapple/tvos< 12.2
CVEListV5apple/macosunspecifiedmacOS Mojave 10.14.4
CVEListV5apple/watchosunspecifiedwatchOS 5.2
NVDapple/watchos< 5.2

🔴Vulnerability Details

2
GHSA
GHSA-8m2g-hqw3-95cp: An out-of-bounds read issue existed that led to the disclosure of kernel memory2022-05-24
CVEList
CVE-2019-6207: An out-of-bounds read issue existed that led to the disclosure of kernel memory2019-12-18

📋Vendor Advisories

4
Apple
CVE-2019-6207: watchOS 5.22019-03-27
Apple
CVE-2019-6207: macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra2019-03-25
Apple
CVE-2019-6207: iOS 12.22019-03-25
Apple
CVE-2019-6207: tvOS 12.22019-03-25
CVE-2019-6207 — Out-of-bounds Read in Apple Macos | cvebase