Steffen Klee

**Name of the Vulnerable Software and Affected Versions** macOS Big Sur versions prior to 11.1 Security Update 2020-001 Catalina (affected versions not specified) Security Update 2020-007 Mojave (affected versions not specified) **Description** The issue allows a malicious application to cause unexpected changes in memory belonging to processes traced by DTrace. This is due to insufficient checks that can be exploited to perform unauthorized actions. **Recommendations** For macOS Big Sur, update to version 11.1 or later. For Security Update 2020-001 Catalina, apply the security update. For Security Update 2020-007 Mojave, apply the security update. As a temporary workaround, consider restricting the use of DTrace until a patch is available.

**Name of the Vulnerable Software and Affected Versions** iOS versions prior to 13.2 iPadOS versions prior to 13.2 macOS Catalina versions prior to 10.15.1 tvOS versions prior to 13.2 watchOS versions prior to 6.1 **Description** The issue involves an out-of-bounds read that can be exploited by a remote attacker to potentially leak memory. This is achieved through inadequate input validation, which has been improved in the fixed versions. **Recommendations** For iOS versions prior to 13.2, update to iOS 13.2 or later. For iPadOS versions prior to 13.2, update to iPadOS 13.2 or later. For macOS Catalina versions prior to 10.15.1, update to macOS Catalina 10.15.1 or later. For tvOS versions prior to 13.2, update to tvOS 13.2 or later. For watchOS versions prior to 6.1, update to watchOS 6.1 or later.