PT-2020-17223 · Apple · Apple Macos+5
Xingwei Lin
·
Published
2020-12-14
·
Updated
2021-04-08
·
CVE-2020-29617
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Apple macOS versions prior to Big Sur 11.1
Apple macOS versions prior to Security Update 2020-001 Catalina
Apple macOS versions prior to Security Update 2020-007 Mojave
Apple tvOS versions prior to 14.3
Apple iOS versions prior to 14.3
Apple iPadOS versions prior to 14.3
Apple iCloud for Windows versions prior to 12.0
Apple watchOS versions prior to 7.2
Description
An out-of-bounds read issue was addressed with improved input validation. Processing a maliciously crafted image may lead to heap corruption.
Recommendations
For macOS Big Sur, update to version 11.1 or later.
For macOS Catalina, apply Security Update 2020-001 or later.
For macOS Mojave, apply Security Update 2020-007 or later.
For tvOS, update to version 14.3 or later.
For iOS, update to version 14.3 or later.
For iPadOS, update to version 14.3 or later.
For iCloud for Windows, update to version 12.0 or later.
For watchOS, update to version 7.2 or later.
Fix
Out of bounds Read
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Apple Macos
Icloud For Windows
Ios
Ipados
Tvos
Watchos