CVE-2019-8755: Null Pointer Dereference

Q: What is the vulnerability ID for this issue?

The vulnerability ID for this issue is CVE-2019-8755.

Q: What is the severity rating of CVE-2019-8755?

The severity rating of CVE-2019-8755 is high.

Q: What is the description of CVE-2019-8755?

CVE-2019-8755 is a logic issue in IOGraphics that was addressed with improved restrictions. It allows a malicious application to determine kernel memory layout.

Q: Which software versions are affected by CVE-2019-8755?

CVE-2019-8755 affects macOS Catalina 10.15 and earlier versions.

Q: How can I fix CVE-2019-8755?

To fix CVE-2019-8755, update your macOS to version 10.15 or later.

Published Oct 7, 2019

Updated

A logic issue was addressed with improved restrictions. This issue is fixed in macOS Catalina 10.15. A malicious application may be able to determine kernel memory layout.

Other sources

IOGraphics. A logic issue was addressed with improved restrictions.

Credit

Lilang Wu, Moony Li(Trend Micro)

Affected Software

2 affected componentsFixes available

apple macOS Catalina<10.15

10.15

Apple iOS and macOS<10.15

Event History

Dec 18, 2019

CVE Published

via MITRE·05:33 PM

Data Sourced

via MITRE·05:33 PM

DescriptionWeakness

Parent advisories

This vulnerability appears in the following advisories.

HT210634

Frequently Asked Questions

What is the vulnerability ID for this issue?

The vulnerability ID for this issue is CVE-2019-8755.

What is the severity rating of CVE-2019-8755?

The severity rating of CVE-2019-8755 is high.

What is the description of CVE-2019-8755?

CVE-2019-8755 is a logic issue in IOGraphics that was addressed with improved restrictions. It allows a malicious application to determine kernel memory layout.

Which software versions are affected by CVE-2019-8755?