CVE-2019-8802: Input Validation

Q: What is the vulnerability ID for this issue?

The vulnerability ID for this issue is CVE-2019-8802.

Q: What is the severity of CVE-2019-8802?

The severity of CVE-2019-8802 is critical.

Q: How does CVE-2019-8802 impact macOS Catalina?

CVE-2019-8802 allows a malicious application to gain root privileges on macOS Catalina.

Q: Which versions of macOS Catalina are affected by CVE-2019-8802?

Versions of macOS Catalina up to and excluding 10.15.1 are affected by CVE-2019-8802.

Q: How can I fix CVE-2019-8802?

CVE-2019-8802 is fixed in macOS Catalina 10.15.1, so updating to that version will resolve the issue.

Published Oct 29, 2019

Updated

A validation issue was addressed with improved logic. This issue is fixed in macOS Catalina 10.15.1. A malicious application may be able to gain root privileges.

Other sources

manpages. A validation issue was addressed with improved logic.

Credit

Csaba Fitzl@@theevilbit

Affected Software

2 affected componentsFixes available

apple macOS Catalina<10.15.1

10.15.1

Apple iOS and macOS<10.15.1

Event History

Dec 18, 2019

CVE Published

via MITRE·05:33 PM

Data Sourced

via MITRE·05:33 PM

DescriptionWeakness

Parent advisories

This vulnerability appears in the following advisories.

HT210722

Frequently Asked Questions

What is the vulnerability ID for this issue?

The vulnerability ID for this issue is CVE-2019-8802.

What is the severity of CVE-2019-8802?

The severity of CVE-2019-8802 is critical.

How does CVE-2019-8802 impact macOS Catalina?

CVE-2019-8802 allows a malicious application to gain root privileges on macOS Catalina.

Which versions of macOS Catalina are affected by CVE-2019-8802?