ID

VAR-202004-2001

CVE

CVE-2020-3893

TITLE

macOS Catalina Memory Corruption Vulnerability in

DESCRIPTION

A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.4. A malicious application may be able to execute arbitrary code with kernel privileges. Apple macOS Catalina is a set of dedicated operating systems developed by Apple for Mac computers. Bluetooth is one of the Bluetooth components. A buffer error vulnerability exists in the Bluetooth component of Apple macOS Catalina versions prior to 10.15.4. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2020-03-24-2 macOS Catalina 10.15.4, Security Update 2020-002 Mojave, Security Update 2020-002 High Sierra macOS Catalina 10.15.4, Security Update 2020-002 Mojave, Security Update 2020-002 High Sierra are now available and address the following: Apple HSSPI Support Available for: macOS Catalina 10.15.3 Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2020-3904: Proteas of Qihoo 360 Nirvan Team AppleMobileFileIntegrity Available for: macOS Catalina 10.15.3 Impact: An application may be able to use arbitrary entitlements Description: This issue was addressed with improved checks. CVE-2020-3883: Linus Henze (pinauten.de) Bluetooth Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.3 Impact: A local user may be able to cause unexpected system termination or read kernel memory Description: An out-of-bounds read was addressed with improved input validation. CVE-2020-3907: Yu Wang of Didi Research America CVE-2020-3908: Yu Wang of Didi Research America CVE-2020-3912: Yu Wang of Didi Research America Bluetooth Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6 Impact: An application may be able to read restricted memory Description: A validation issue was addressed with improved input sanitization. CVE-2020-3892: Yu Wang of Didi Research America CVE-2020-3893: Yu Wang of Didi Research America CVE-2020-3905: Yu Wang of Didi Research America Call History Available for: macOS Catalina 10.15.3 Impact: A malicious application may be able to access a user's call history Description: This issue was addressed with a new entitlement. CVE-2020-9776: Benjamin Randazzo (@____benjamin) CoreFoundation Available for: macOS Catalina 10.15.3 Impact: A malicious application may be able to elevate privileges Description: A permissions issue existed. CVE-2020-3913: Timo Christ of Avira Operations GmbH & Co. KG FaceTime Available for: macOS Catalina 10.15.3 Impact: A local user may be able to view sensitive user information Description: A logic issue was addressed with improved state management. CVE-2020-3881: Yuval Ron, Amichai Shulman and Eli Biham of Technion - Israel Institute of Technology Icons Available for: macOS Catalina 10.15.3 Impact: A malicious application may be able to identify what other applications a user has installed Description: The issue was addressed with improved handling of icon caches. CVE-2020-9773: Chilik Tamir of Zimperium zLabs Intel Graphics Driver Available for: macOS Catalina 10.15.3 Impact: A malicious application may disclose restricted memory Description: An information disclosure issue was addressed with improved state management. CVE-2019-14615: Wenjian HE of Hong Kong University of Science and Technology, Wei Zhang of Hong Kong University of Science and Technology, Sharad Sinha of Indian Institute of Technology Goa, and Sanjeev Das of University of North Carolina IOHIDFamily Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.3 Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: A memory initialization issue was addressed with improved memory handling. CVE-2020-3919: an anonymous researcher IOThunderboltFamily Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6 Impact: An application may be able to gain elevated privileges Description: A use after free issue was addressed with improved memory management. CVE-2020-3851: Xiaolong Bai and Min (Spark) Zheng of Alibaba Inc. and Luyi Xing of Indiana University Bloomington Kernel Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.3 Impact: An application may be able to read restricted memory Description: A memory initialization issue was addressed with improved memory handling. CVE-2020-9785: Proteas of Qihoo 360 Nirvan Team libxml2 Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.3 Impact: Multiple issues in libxml2 Description: A buffer overflow was addressed with improved bounds checking. CVE-2020-3909: LGTM.com CVE-2020-3911: found by OSS-Fuzz libxml2 Available for: macOS High Sierra 10.13.6, macOS Mojave 10.14.6, macOS Catalina 10.15.3 Impact: Multiple issues in libxml2 Description: A buffer overflow was addressed with improved size validation. CVE-2020-3910: LGTM.com Mail Available for: macOS High Sierra 10.13.6, macOS Catalina 10.15.3 Impact: A remote attacker may be able to cause arbitrary javascript code execution Description: An injection issue was addressed with improved validation. CVE-2020-3884: Apple sudo Available for: macOS Catalina 10.15.3 Impact: An attacker may be able to run commands as a non-existent user Description: This issue was addressed by updating to sudo version 1.8.31. CVE-2019-19232 TCC Available for: macOS Mojave 10.14.6, macOS Catalina 10.15.3 Impact: A maliciously crafted application may be able to bypass code signing enforcement Description: A logic issue was addressed with improved restrictions. CVE-2020-3906: Patrick Wardle of Jamf Vim Available for: macOS Catalina 10.15.3 Impact: Multiple issues in Vim Description: Multiple issues were addressed by updating to version 8.1.1850. CVE-2020-9769: Steve Hahn from LinkedIn Additional recognition CoreText We would like to acknowledge an anonymous researcher for their assistance. FireWire Audio We would like to acknowledge Xiaolong Bai and Min (Spark) Zheng of Alibaba Inc. and Luyi Xing of Indiana University Bloomington for their assistance. FontParser We would like to acknowledge Matthew Denton of Google Chrome for their assistance. Install Framework Legacy We would like to acknowledge Pris Sears of Virginia Tech, Tom Lynch of UAL Creative Computing Institute, and an anonymous researcher for their assistance. LinkPresentation We would like to acknowledge Travis for their assistance. OpenSSH We would like to acknowledge an anonymous researcher for their assistance. rapportd We would like to acknowledge Alexander Heinrich (@Sn0wfreeze) of Technische Universität Darmstadt for their assistance. Sidecar We would like to acknowledge Rick Backley (@rback_sec) for their assistance. Installation note: macOS Catalina 10.15.4, Security Update 2020-002 Mojave, Security Update 2020-002 High Sierra may be obtained from the Mac App Store or Apple's Software Downloads web site: https://support.apple.com/downloads/ -----BEGIN PGP SIGNATURE----- Version: BCPG v1.64 iQIcBAEDCAAGBQJeejDOAAoJEAc+Lhnt8tDNTtkP/RRnnsXeWXRjFHoRf7P+npKE Je0ZSoqv08Tgmv+Q0voSdCFZjFAqKXviVgZTGFT7LsuUWqdZEATxkB1fevt7t3Bl qXWNGpna3mGqWl6I2cWKxVOHT9fysO/31ADgFIwgOWSodvImNdp/JBpOcyRqcFJc B3TpNq8xtKSpWBVrq0TVHRWMu87VJHkGi78jAJ4x7qgXyWICf3usa9ajqYqzV99m 6/DrIH4s2Um2zJVi4YyzK0+rR2B2Q1eO8CFuzUB9D1HKCEnRXoRfALFC8v83p7cC m46CarISSrnMEYkxNhxsOGQbcMyBR3GDNZlo8/Y+Syqgwp3AKWbRFUDDM9vbCv6F z1fkWBmGftcd6G8dqO0dMAR6asglg9z2/GF/+3pZh5Mmmd7EBX+YeA84BhDTTsTs 671Af+F8OxSqgRV8qe+dbiFbD9qylM1luJD98PzoiFMO3h29fS41ofpuA6BTrdQN JPWY0NwTS11xQb11LHhXm7nF9vsrCIIspauOfkLbpCx6AWJQ/FpPyIXBYUEJ50ho NWWv4jmT+v8PSC2tSM0yMeI4OJX/+yd91uKLqzGGr1x2zshrXoMx0VDpg8HJkLfT y7CSgFrBGO8AgrcsZ6I8nDleoBsrEpLh2qEil7GexwoyUrVvfxCueW0shv4Oo4gf ZHp7Jd+FZIoCP69dNnxG =AUHy -----END PGP SIGNATURE-----

AFFECTED PRODUCTS

CVSS

PROBLEMTYPE DATA

THREAT TYPE

local

TYPE

buffer error

CONFIGURATIONS

PATCH

EXTERNAL IDS

REFERENCES

CREDITS

Apple

SOURCES

LAST UPDATE DATE

2024-11-23T20:41:38.842000+00:00

SOURCES UPDATE DATE

SOURCES RELEASE DATE