Vulnerability Name: | CVE-2020-27950 (CCN-191277) | ||||||||||||
Assigned: | 2020-11-05 | ||||||||||||
Published: | 2020-11-05 | ||||||||||||
Updated: | 2021-02-11 | ||||||||||||
Summary: | A memory initialization issue was addressed. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 12.4.9, watchOS 6.2.9, Security Update 2020-006 High Sierra, Security Update 2020-006 Mojave, iOS 14.2 and iPadOS 14.2, watchOS 5.3.9, macOS Catalina 10.15.7 Supplemental Update, macOS Catalina 10.15.7 Update. A malicious application may be able to disclose kernel memory. | ||||||||||||
CVSS v3 Severity: | 5.5 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N) 5.0 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C)
5.0 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C)
| ||||||||||||
CVSS v2 Severity: | 7.1 High (CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:N/A:N)
| ||||||||||||
Vulnerability Type: | CWE-665 | ||||||||||||
Vulnerability Consequences: | Obtain Information | ||||||||||||
References: | Source: MITRE Type: CNA CVE-2020-27950 Source: MISC Type: Third Party Advisory, VDB Entry http://packetstormsecurity.com/files/161296/XNU-Kernel-Mach-Message-Trailers-Memory-Disclosure.html Source: FULLDISC Type: Mailing List, Third Party Advisory 20201215 APPLE-SA-2020-12-14-4 Additional information for APPLE-SA-2020-11-13-1 macOS Big Sur 11.0.1 Source: XF Type: UNKNOWN apple-ios-cve202027950-info-disc(191277) Source: CCN Type: Packet Storm Security [02-05-2021] XNU Kernel Mach Message Trailers Memory Disclosure Source: MISC Type: Vendor Advisory https://support.apple.com/en-us/HT211928 Source: CCN Type: Apple security document HT211929 About the security content of iOS 14.2 and iPadOS 14.2 Source: MISC Type: Vendor Advisory https://support.apple.com/en-us/HT211929 Source: CCN Type: Apple security document HT211931 About the security content of macOS Big Sur 11.0.1 Source: MISC Type: Vendor Advisory https://support.apple.com/en-us/HT211931 Source: CCN Type: Apple security document HT211940 About the security content of iOS 12.4.9 Source: MISC Type: Vendor Advisory https://support.apple.com/en-us/HT211940 Source: CCN Type: Apple security document HT211944 About the security content of watchOS 6.2.9 Source: MISC Type: Vendor Advisory https://support.apple.com/en-us/HT211944 Source: CCN Type: Apple security document HT211945 About the security content of watchOS 5.3.9 Source: MISC Type: Vendor Advisory https://support.apple.com/en-us/HT211945 Source: CCN Type: Apple security document HT211946 About the security content of Security Update 2020-006 High Sierra, Security Update 2020-006 Mojave Source: MISC Type: Vendor Advisory https://support.apple.com/en-us/HT211946 Source: CCN Type: Apple security document HT211947 About the security content of macOS Catalina 10.15.7 Supplemental Update, macOS Catalina 10.15.7 Update Source: MISC Type: Vendor Advisory https://support.apple.com/en-us/HT211947 Source: CCN Type: CYBERSECURITY & INFRASTRUCTURE SECURITY AGENCY KNOWN EXPLOITED VULNERABILITIES CATALOG | ||||||||||||
Vulnerable Configuration: | Configuration 1: Configuration CCN 1: ![]() | ||||||||||||
BACK |