CVE-2020-27943: Input Validation

Q: What is the vulnerability ID for this issue?

The vulnerability ID for this issue is CVE-2020-27943.

Q: What is the affected software?

The affected software includes Apple iOS, iPadOS, tvOS, macOS Big Sur, Catalina, Mojave, and watchOS.

Q: What is the severity of CVE-2020-27943?

The severity of CVE-2020-27943 is not specified in the information provided.

Q: How can I fix CVE-2020-27943?

To fix CVE-2020-27943, update the affected software to the specified versions.

Q: Where can I find more information about CVE-2020-27943?

You can find more information about CVE-2020-27943 on the Apple support website.

Published Dec 14, 2020

Updated

A memory corruption issue existed in the processing of font files. This issue was addressed with improved input validation. This issue is fixed in tvOS 14.3, iOS 14.3 and iPadOS 14.3, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, watchOS 7.2. Processing a maliciously crafted font file may lead to arbitrary code execution.

Other sources

FontParser. A memory corruption issue existed in the processing of font files. This issue was addressed with improved input validation.

Credit

Mateusz Jurczyk(Google Project Zero), Apple

Affected Software

12 affected componentsFixes available

Apple tvOS<14.3

14.3

Apple macOS Big Sur<11.1

11.1

Apple Catalina

Apple Mojave

Apple WatchOS<7.2

7.2

Apple Ipad Os<14.3

Apple iPhone OS<14.3

Apple macOS<11.1.0

Apple tvOS<14.3

Apple WatchOS<7.2

Apple iOS<14.3

14.3

Apple iPadOS<14.3

14.3

Event History

Apr 2, 2021

CVE Published

via MITRE·05:36 PM

Data Sourced

via MITRE·05:36 PM

DescriptionWeakness

Parent advisories

This vulnerability appears in the following advisories.

Peer vulnerabilities

Found alongside the following vulnerabilities.

CVE-2020-29610
CVE-2020-27948
CVE-2020-29608
CVE-2020-27946
CVE-2020-27943
CVE-2020-27944
CVE-2020-29624
CVE-2020-29615
CVE-2020-29617
CVE-2020-29619
CVE-2020-29618
CVE-2020-29611
CVE-2020-29614
CVE-2020-9972
CVE-2020-29623
CVE-2020-15969
CVE-2021-31077
CVE-2020-27914
CVE-2020-27915
CVE-2020-27936
CVE-2020-27903
CVE-2020-27941
CVE-2020-29621
CVE-2020-27910
CVE-2020-9943
CVE-2020-9944
CVE-2020-27916
CVE-2020-27906
CVE-2020-27908
CVE-2020-9960
CVE-2020-10017
CVE-2020-27922
CVE-2020-10001
CVE-2020-9962
CVE-2020-27952
CVE-2020-9956
CVE-2020-27931
CVE-2020-10002
CVE-2020-27947
CVE-2020-29612
CVE-2020-9978
CVE-2020-27939
CVE-2020-29625
CVE-2020-29616
CVE-2020-27924
CVE-2020-27912
CVE-2020-27923
CVE-2020-27919
CVE-2020-10015
CVE-2020-27897
CVE-2020-27907
CVE-2020-9974
CVE-2020-10016
CVE-2020-9967
CVE-2020-9975
CVE-2020-27921
CVE-2020-27949
CVE-2020-29620
CVE-2020-27911
CVE-2020-27920
CVE-2020-27926
CVE-2020-10014
CVE-2020-10010
CVE-2020-29633
CVE-2020-13520
CVE-2020-13524
CVE-2020-10004
CVE-2020-27901
CVE-2020-27938
CVE-2020-10007
CVE-2020-10012
CVE-2020-27896
CVE-2020-10009
CVE-2020-27898
CVE-2020-27951
CVE-2020-29613

Frequently Asked Questions

What is the vulnerability ID for this issue?

The vulnerability ID for this issue is CVE-2020-27943.

What is the affected software?

The affected software includes Apple iOS, iPadOS, tvOS, macOS Big Sur, Catalina, Mojave, and watchOS.

What is the severity of CVE-2020-27943?

The severity of CVE-2020-27943 is not specified in the information provided.

How can I fix CVE-2020-27943?

To fix CVE-2020-27943, update the affected software to the specified versions.

Where can I find more information about CVE-2020-27943?

You can find more information about CVE-2020-27943 on the Apple support website.

CVE-2020-27943: Input Validation

Other sources

Credit

Affected Software

Event History

Parent advisories

Peer vulnerabilities

Don't miss critical vulnerabilities

Frequently Asked Questions

What is the vulnerability ID for this issue?

What is the affected software?

What is the severity of CVE-2020-27943?

How can I fix CVE-2020-27943?

Where can I find more information about CVE-2020-27943?

Company

Resources

Contact