CVE-2019-8527Classic Buffer Overflow in Apple Macos

CWE-120Classic Buffer Overflow7 documents4 sources
Severity
9.1CRITICALNVD
EPSS
1.6%
top 18.24%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
6
Apple IOSApple MacosApple Tvos+3 more
Timeline
PublishedDec 18
Latest updateMay 24

Description

A buffer overflow was addressed with improved size validation. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A remote attacker may be able to cause unexpected system termination or corrupt kernel memory.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:HExploitability: 3.9 | Impact: 5.2

Affected Packages8 packages

CVEListV5apple/tvosunspecifiedtvOS 12.2
NVDapple/tvos< 12.2
CVEListV5apple/macosunspecifiedmacOS Mojave 10.14.4
CVEListV5apple/watchosunspecifiedwatchOS 5.2
NVDapple/watchos< 5.2

🔴Vulnerability Details

2
GHSA
GHSA-c4q5-2fgw-8768: A buffer overflow was addressed with improved size validation2022-05-24
CVEList
CVE-2019-8527: A buffer overflow was addressed with improved size validation2019-12-18

📋Vendor Advisories

4
Apple
CVE-2019-8527: watchOS 5.22019-03-27
Apple
CVE-2019-8527: tvOS 12.22019-03-25
Apple
CVE-2019-8527: iOS 12.22019-03-25
Apple
CVE-2019-8527: macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra2019-03-25
CVE-2019-8527 — Classic Buffer Overflow in Apple Macos | cvebase