CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2020-27950

Known Exploited (CISA KEV)MEDIUM
5.5
CVSS Severity Score
EPSS Score72.9130%
EPSS Percentile91.68th
Published2020年12月8日
Last Modified2025年10月27日

Vulnerability Description

A memory initialization issue was addressed. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 12.4.9, watchOS 6.2.9, Security Update 2020-006 High Sierra, Security Update 2020-006 Mojave, iOS 14.2 and iPadOS 14.2, watchOS 5.3.9, macOS Catalina 10.15.7 Supplemental Update, macOS Catalina 10.15.7 Update. A malicious application may be able to disclose kernel memory.

Affected Platforms (CPE)

💻
Apple

Ipados

< 14.2
💻
Apple

Iphone Os

< 12.4.9
💻
Apple

Iphone Os

>= 14.0 and < 14.2
💻
Apple

Macos

< 10.15.7
💻
Apple

Macos

>= 11.0 and < 11.0.1
💻
Apple

Watchos

< 5.3.9
💻
Apple

Watchos

>= 6.0 and < 6.2.9
💻
Apple

Watchos

>= 7.0 and < 7.1

References & Advisories

🔗 http://packetstormsecurity.com/files/161296/XNU-Kernel-Mach-Message-Trailers-Memory-Disclosure.html
🔗 http://seclists.org/fulldisclosure/2020/Dec/32
🔗 https://support.apple.com/en-us/HT211928
🔗 https://support.apple.com/en-us/HT211929
🔗 https://support.apple.com/en-us/HT211931
🔗 https://support.apple.com/en-us/HT211940
🔗 https://support.apple.com/en-us/HT211944
🔗 https://support.apple.com/en-us/HT211945

相關漏洞威脅

CVE-2019-877910.0

A logic issue applied the incorrect restrictions. This issue was addressed by updating the logic to apply the correct restrictions...

CVE-2020-39109.8

A buffer overflow was addressed with improved size validation. This issue is fixed in iOS 13.4 and iPadOS 13.4, macOS Catalina 10....

CVE-2020-39099.8

A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 13.4 and iPadOS 13.4, macOS Catalina 10....

CVE-2020-39119.8

A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 13.4 and iPadOS 13.4, macOS Catalina 10....