CVE-2019-8545Out-of-bounds Write in Apple Macos

CWE-787Out-of-bounds Write7 documents4 sources
Severity
7.1HIGHNVD
EPSS
0.1%
top 80.91%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
6
Apple IOSApple MacosApple Tvos+3 more
Timeline
PublishedDec 18
Latest updateMay 24

Description

A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A local user may be able to cause unexpected system termination or read kernel memory.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:HExploitability: 1.8 | Impact: 5.2

Affected Packages8 packages

CVEListV5apple/tvosunspecifiedtvOS 12.2
NVDapple/tvos< 12.2
CVEListV5apple/macosunspecifiedmacOS Mojave 10.14.4
CVEListV5apple/watchosunspecifiedwatchOS 5.2
NVDapple/watchos< 5.2

🔴Vulnerability Details

2
GHSA
GHSA-q5gh-r869-hq3x: A memory corruption issue was addressed with improved state management2022-05-24
CVEList
CVE-2019-8545: A memory corruption issue was addressed with improved state management2019-12-18

📋Vendor Advisories

4
Apple
CVE-2019-8545: watchOS 5.22019-03-27
Apple
CVE-2019-8545: tvOS 12.22019-03-25
Apple
CVE-2019-8545: macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra2019-03-25
Apple
CVE-2019-8545: iOS 12.22019-03-25
CVE-2019-8545 — Out-of-bounds Write in Apple Macos | cvebase