CVE-2020-36226: High severity apple macos vulnerability

Q: What is the vulnerability ID for this issue?

The vulnerability ID for this issue is CVE-2020-36226.

Q: What software products are affected by this vulnerability?

The macOS Big Sur 11.4, Mojave, and Catalina versions of Apple's operating system are affected by this vulnerability.

Q: What is the severity of this vulnerability?

The severity of this vulnerability is not specified in the provided information.

Q: How was this vulnerability addressed?

This vulnerability was addressed with improved checks.

Q: Where can I find more information about this vulnerability and its fixes?

You can find more information about this vulnerability and its fixes on the Apple support website. Here are the links: [Link 1](https://support.apple.com/en-us/HT212530), [Link 2](https://support.apple.com/en-us/HT212529), [Link 3](https://support.apple.com/en-us/HT212531).

Published Jan 25, 2021

Updated

A flaw was discovered in OpenLDAP before 2.4.57 leading to a memch->bvlen miscalculation and slapd crash in the saslAuthzTo processing, resulting in denial of service.

Other sources

OpenLDAP. This issue was addressed with improved checks.

Credit

CVE-2020-36226, CVE-2020-36229, CVE-2020-36225, CVE-2020-36224, CVE-2020-36223, CVE-2020-36227, CVE-2020-36228, CVE-2020-36221, CVE-2020-36222, CVE-2020-36230, CVE-2020-36226, CVE-2020-36229, CVE-2020-36225, CVE-2020-36224, CVE-2020-36223, CVE-2020-36227, CVE-2020-36228, CVE-2020-36221, CVE-2020-36222, CVE-2020-36230, CVE-2020-36226, CVE-2020-36227, CVE-2020-36223, CVE-2020-36224, CVE-2020-36225, CVE-2020-36221, CVE-2020-36228, CVE-2020-36222, CVE-2020-36230, CVE-2020-36229

Affected Software

26 affected componentsFixes available

debian/openldap

2.4.47+dfsg-3+deb10u72.4.57+dfsg-3+deb11u12.5.13+dfsg-5

Apple macOS Big Sur<11.4

11.4

Apple Catalina

Apple Mojave

openldap OpenLDAP<2.4.57

Debian Debian Linux=9.0

Debian Debian Linux=10.0

Apple iOS and macOS>=10.14.0<10.14.6

Apple iOS and macOS=10.14.6

Apple iOS and macOS=10.14.6-security_update_2019-004

Apple iOS and macOS=10.14.6-security_update_2019-005

Apple iOS and macOS=10.14.6-security_update_2019-006

Apple iOS and macOS=10.14.6-security_update_2019-007

Apple iOS and macOS=10.14.6-security_update_2020-001

Apple iOS and macOS=10.14.6-security_update_2020-002

Apple iOS and macOS=10.14.6-security_update_2020-003

Apple iOS and macOS=10.14.6-security_update_2020-004

Apple iOS and macOS=10.14.6-security_update_2020-005

Apple iOS and macOS=10.14.6-security_update_2020-006

Apple iOS and macOS=10.14.6-security_update_2020-007

Apple iOS and macOS=10.14.6-security_update_2021-001

Apple iOS and macOS=10.14.6-security_update_2021-002

Apple iOS and macOS=10.14.6-security_update_2021-003

Apple iOS and macOS=10.14.6-supplemental_update

Apple iOS and macOS=10.14.6-supplemental_update_2

Apple macOS>=11.1<11.4

Remediation

Event History

Jan 25, 2021

CVE Published

via MITRE·09:44 AM

Data Sourced

via MITRE·09:44 AM

Description

Parent advisories

This vulnerability appears in the following advisories.

Peer vulnerabilities

Found alongside the following vulnerabilities.

CVE-2021-30678
CVE-2021-30676
CVE-2021-30688
CVE-2021-30669
CVE-2021-30707
CVE-2021-30685
CVE-2021-30672
CVE-2021-30681
CVE-2021-30686
CVE-2021-30733
CVE-2021-30753
CVE-2021-30727
CVE-2021-30724
CVE-2021-30673
CVE-2021-30771
CVE-2021-30755
CVE-2021-30684
CVE-2021-30735
CVE-2021-30697
CVE-2021-30710
CVE-2021-30683
CVE-2021-30687
CVE-2021-30700
CVE-2021-30701
CVE-2021-30705
CVE-2021-30706
CVE-2021-30719
CVE-2021-30728
CVE-2021-30726
CVE-2021-30731
CVE-2021-30740
CVE-2021-30704
CVE-2021-30715
CVE-2021-30736
CVE-2021-30739
CVE-2021-30703
CVE-2021-30680
CVE-2021-30677
CVE-2021-30702
CVE-2021-30696
CVE-2021-30756
CVE-2021-30723
CVE-2021-30691
CVE-2021-30692
CVE-2021-30694
CVE-2021-30725
CVE-2021-30746
CVE-2021-30693
CVE-2021-30695
CVE-2021-30708
CVE-2021-30709
CVE-2021-30679
CVE-2020-36226
CVE-2020-36227
CVE-2020-36223
CVE-2020-36224
CVE-2020-36225
CVE-2020-36221
CVE-2020-36228
CVE-2020-36222
CVE-2020-36230
CVE-2020-36229
CVE-2021-30738
CVE-2021-30751
CVE-2021-30737
CVE-2021-30716
CVE-2021-30717
CVE-2021-30721
CVE-2021-30722
CVE-2021-30712
CVE-2021-30668
CVE-2021-30718
CVE-2021-30671
CVE-2021-30713
CVE-2021-30744
CVE-2021-21779
CVE-2021-30682
CVE-2021-30689
CVE-2021-30749
CVE-2021-30734
CVE-2021-30720
CVE-2021-23841
CVE-2021-30698
CVE-2020-29629
CVE-2021-1884
CVE-2021-1883
CVE-2021-30743
CVE-2021-30819
CVE-2021-30690

Frequently Asked Questions

What is the vulnerability ID for this issue?

The vulnerability ID for this issue is CVE-2020-36226.

What software products are affected by this vulnerability?

The macOS Big Sur 11.4, Mojave, and Catalina versions of Apple's operating system are affected by this vulnerability.

What is the severity of this vulnerability?

The severity of this vulnerability is not specified in the provided information.

How was this vulnerability addressed?

This vulnerability was addressed with improved checks.

Where can I find more information about this vulnerability and its fixes?

You can find more information about this vulnerability and its fixes on the Apple support website. Here are the links: [Link 1](https://support.apple.com/en-us/HT212530), [Link 2](https://support.apple.com/en-us/HT212529), [Link 3](https://support.apple.com/en-us/HT212531).

CVE-2020-36226: High severity apple macos vulnerability

Other sources

Credit

Affected Software

Remediation

Patch Available

Patch Available

Patch Available

Patch Available

Event History

Parent advisories

Peer vulnerabilities

Don't miss critical vulnerabilities

Frequently Asked Questions

What is the vulnerability ID for this issue?

What software products are affected by this vulnerability?

What is the severity of this vulnerability?

How was this vulnerability addressed?

Where can I find more information about this vulnerability and its fixes?

Company

Resources

Contact