CVE-2019-8591: A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1. An…

CVE-2019-8591 [HIGH] CVE-2019-8591: macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra Apple Security Update: About the security content of macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra Product: macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra CVE: CVE-2019-8591 Component: Kernel Impact: An application may be able to cause unexpected system termination or write kernel memory Description: A type confusion issue was addressed with improved memory handling.

CVE-2019-8591 [HIGH] CVE-2019-8591: watchOS 5.2.1 Apple Security Update: About the security content of watchOS 5.2.1 Product: watchOS Version: 5.2.1 CVE: CVE-2019-8591 Component: Kernel Impact: An application may be able to cause unexpected system termination or write kernel memory Description: A type confusion issue was addressed with improved memory handling.

CVE-2019-8591 [HIGH] CVE-2019-8591: tvOS 12.3 Apple Security Update: About the security content of tvOS 12.3 Product: tvOS Version: 12.3 CVE: CVE-2019-8591 Component: Kernel Impact: An application may be able to cause unexpected system termination or write kernel memory Description: A type confusion issue was addressed with improved memory handling.

CVE-2019-8591 [HIGH] CVE-2019-8591: iOS 12.3 Apple Security Update: About the security content of iOS 12.3 Product: iOS Version: 12.3 CVE: CVE-2019-8591 Component: Kernel Impact: An application may be able to cause unexpected system termination or write kernel memory Description: A type confusion issue was addressed with improved memory handling.

CVE-2019-8591 [HIGH] GHSA-3fv9-r273-qjc2: A type confusion issue was addressed with improved memory handling A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 12.3, macOS Mojave 10.14.5, tvOS 12.3, watchOS 5.2.1. An application may be able to cause unexpected system termination or write kernel memory.

CVE-2019-8591 Apple macOS < 10.14.5 / iOS < 12.3 XNU - Wild-read due to bad cast in stf_ioctl Apple macOS ifa_addr->sa_family != AF_INET6) { // #include #include #include #include #include #include /* # Reproduction Tested on macOS 10.14.3: $ clang -o stf_wild_read stf_wild_read.cc $ ./stf_wild_read # Explanation SIOCSIFADDR is an ioctl that sets the address of an interface. The stf interface ioctls are handled by the stf_ioctl function. The crash occurs in the following case where a `struct ifreq` is read into kernel memory and then casted to the incorrect `struct ifaddr` type. I suspect this ioctl is not intended to be reachable by the user, but is unintentionally exposed without the necessary translation from `ifreq` to `ifaddr`, e.g. as it is done in `inctl_ifaddr`. case SIOCSIFADDR: ifa = (struct ifaddr *)data; if (ifa == NULL) { error = EAFNOSUPPORT; break; } IFA_LOCK(ifa)