CVE-2019-8547Out-of-bounds Read in Apple Macos

CWE-125Out-of-bounds Read8 documents4 sources
Severity
9.8CRITICALNVD
EPSS
1.0%
top 22.96%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
5
Apple IOSApple MacosApple Iphone OS+2 more
Timeline
PublishedOct 27
Latest updateMay 24

Description

An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue is fixed in macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra, watchOS 5.2, macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra, iOS 12.2. A remote attacker may be able to leak memory.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages5 packages

CVEListV5apple/macosunspecified10.14+1
NVDapple/mac_os_x10.12.610.14.5+1
NVDapple/watchos< 5.2
CVEListV5apple/iosunspecified12.2
NVDapple/iphone_os< 12.2

🔴Vulnerability Details

2
GHSA
GHSA-v34h-4f6h-chj2: An out-of-bounds read issue existed that led to the disclosure of kernel memory2022-05-24
CVEList
CVE-2019-8547: An out-of-bounds read issue existed that led to the disclosure of kernel memory2020-10-27

📋Vendor Advisories

5
Apple
CVE-2019-8547: macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra2019-05-13
Apple
CVE-2019-8547: watchOS 5.22019-03-27
Apple
CVE-2019-8547: iOS 12.22019-03-25
Apple
CVE-2019-8547: tvOS 12.22019-03-25
Apple
CVE-2019-8547: macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra2019-03-25
CVE-2019-8547 — Out-of-bounds Read in Apple Macos | cvebase