PT-2020-5330 · Apple+7 · Apple Macos+8

Stephan Zeisberg

Published

2020-04-20

Updated

2024-06-15

CVE-2020-3898

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions macOS versions prior to 10.15.4 CUPS (affected versions not specified)

Description A memory corruption issue was addressed with improved validation, which may allow an application to gain elevated privileges. The issue is related to a buffer overflow in memory, potentially allowing an attacker to access confidential data, compromise its integrity, and cause a denial of service.

Recommendations For macOS versions prior to 10.15.4, update to macOS Catalina 10.15.4 to resolve the issue. For CUPS, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Buffer Overflow

Memory Corruption

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119CWE-787CWE-20

Related Identifiers

ALT-PU-2021-1173

ALT-PU-2021-1245

ALT-PU-2022-2414

BDU:2021-00124

CESA-2020_4469

CVE-2020-3898

DLA-2237-1

MGASA-2020-0248

OPENSUSE-SU-2020:0555-1

OPENSUSE-SU-2020_0555-1

OPENSUSE-SU-2024:10707-1

RHSA-2020:4469

RHSA-2020_4469

RLSA-2020:4469

SUSE-SU-2020:1045-1

SUSE-SU-2020:1083-1

SUSE-SU-2020:14341-1

SUSE-SU-2020_1045-1

SUSE-SU-2020_1083-1

SUSE-SU-2020_14341-1

USN-4340-1

Affected Products

Alt Linux

Cups

Centos

Linuxmint

Red Hat

Rocky Linux

Suse

Ubuntu

Apple Macos

PT-2020-5330 · Apple+7 · Apple Macos+8

CVE-2020-3898

Weakness Enumeration

Related Identifiers

Affected Products

References · 71