CVE-2020-27904: Critical severity apple macos vulnerability

Q: What is CVE-2020-27904?

CVE-2020-27904 is a vulnerability that existed in the kernel which resulted in memory corruption.

Q: How was CVE-2020-27904 addressed?

CVE-2020-27904 was addressed with improved state management.

Q: Which versions of macOS Big Sur are affected by CVE-2020-27904?

macOS Big Sur versions up to and excluding 11.0.1 are affected by CVE-2020-27904.

Q: Is macOS Catalina affected by CVE-2020-27904?

No, macOS Catalina is not affected by CVE-2020-27904.

Q: Is macOS Mojave affected by CVE-2020-27904?

No, macOS Mojave is not affected by CVE-2020-27904.

Published Nov 12, 2020

Updated

A logic issue existed resulting in memory corruption. This was addressed with improved state management. This issue is fixed in macOS Big Sur 11.0.1. An application may be able to execute arbitrary code with kernel privileges.

Other sources

Kernel. A logic issue existed resulting in memory corruption. This was addressed with improved state management.

Credit

Zuozhi Fan@@pattern_F_(Ant Group Tianqong Security Lab), Zuozhi Fan@@pattern_F_(Ant Group Tianqiong Security Lab)

Affected Software

5 affected componentsFixes available

Apple macOS Big Sur<11.0.1

11.0.1

Apple macOS Big Sur<11.2

11.2

Apple Catalina

macOS Mojave

macOS<11.0.1

Event History

Dec 8, 2020

CVE Published

via MITRE·08:07 PM

Data Sourced

via MITRE·08:07 PM

DescriptionWeakness

Parent advisories

This vulnerability appears in the following advisories.

Peer vulnerabilities

Found alongside the following vulnerabilities.

CVE-2020-27914
CVE-2020-27915
CVE-2020-27903
CVE-2020-27910
CVE-2020-27916
CVE-2020-9943
CVE-2020-9944
CVE-2020-27906
CVE-2020-27945
CVE-2020-27908
CVE-2020-27909
CVE-2020-9960
CVE-2020-10017
CVE-2020-9949
CVE-2020-9897
CVE-2020-9883
CVE-2020-10003
CVE-2020-27922
CVE-2020-9999
CVE-2020-27937
CVE-2020-9965
CVE-2020-9966
CVE-2020-27894
CVE-2020-36615
CVE-2021-1790
CVE-2021-1775
CVE-2020-29629
CVE-2020-27942
CVE-2020-9962
CVE-2020-27952
CVE-2020-9956
CVE-2020-27931
CVE-2020-27930
CVE-2020-27927
CVE-2020-29639
CVE-2020-10002
CVE-2020-9978
CVE-2020-9955
CVE-2020-27924
CVE-2020-27912
CVE-2020-27923
CVE-2020-9876
CVE-2020-10015
CVE-2020-27897
CVE-2020-27907
CVE-2020-27919
CVE-2020-9967
CVE-2020-9975
CVE-2020-27921
CVE-2020-27904
CVE-2019-14899
CVE-2020-27950
CVE-2020-9974
CVE-2020-10016
CVE-2020-27932
CVE-2020-27917
CVE-2020-27920
CVE-2020-27911
CVE-2020-9971
CVE-2020-10014
CVE-2020-10010
CVE-2020-9941
CVE-2020-9988
CVE-2020-9989
CVE-2020-10011
CVE-2020-13524
CVE-2020-10004
CVE-2020-9996
CVE-2020-27901
CVE-2020-27900
CVE-2019-20838
CVE-2020-14155
CVE-2020-10007
CVE-2020-27896
CVE-2020-9963
CVE-2020-10012
CVE-2020-10663
CVE-2020-9945
CVE-2020-9977
CVE-2020-9942
CVE-2020-9987
CVE-2021-1803
CVE-2020-9969
CVE-2020-27893
CVE-2021-1755
CVE-2020-10005
CVE-2020-9991
CVE-2020-9849
CVE-2020-15358
CVE-2020-13631
CVE-2020-13434
CVE-2020-13435
CVE-2020-13630
CVE-2020-27899
CVE-2020-10009
CVE-2020-10008
CVE-2020-27918
CVE-2020-9947
CVE-2020-9950
CVE-2020-27898
CVE-2020-27935
CVE-2020-10006
CVE-2021-1761
CVE-2021-1797
CVE-2021-1760
CVE-2021-1747
CVE-2021-1776
CVE-2021-1759
CVE-2021-1772
CVE-2021-1792
CVE-2021-1787
CVE-2021-1786
CVE-2021-1802
CVE-2021-1791
CVE-2020-29608
CVE-2021-1758
CVE-2021-1783
CVE-2021-1741
CVE-2021-1743
CVE-2021-1773
CVE-2021-1778
CVE-2021-1736
CVE-2021-1785
CVE-2021-1766
CVE-2021-1818
CVE-2021-1742
CVE-2021-1746
CVE-2021-1754
CVE-2021-1774
CVE-2021-1777
CVE-2021-1793
CVE-2021-1737
CVE-2021-1738
CVE-2021-1744
CVE-2021-1779
CVE-2021-1757
CVE-2021-1764
CVE-2021-1782
CVE-2021-1750
CVE-2020-29633
CVE-2021-1781
CVE-2021-1771
CVE-2021-1762
CVE-2020-29614
CVE-2021-1763
CVE-2021-1767
CVE-2021-1745
CVE-2021-1753
CVE-2021-1768
CVE-2021-1751
CVE-2020-25709
CVE-2020-27938
CVE-2021-1769
CVE-2021-1788
CVE-2021-1765
CVE-2021-1801
CVE-2021-1789
CVE-2021-1871
CVE-2021-1870
CVE-2021-1799
CVE-2021-30869

Frequently Asked Questions

What is CVE-2020-27904?

CVE-2020-27904 is a vulnerability that existed in the kernel which resulted in memory corruption.

How was CVE-2020-27904 addressed?