CVE-2020-3847: Input Validation
Published Jan 28, 2020
·Updated
CoreBluetooth. An out-of-bounds read was addressed with improved input validation.
Other sources
An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.3. A remote attacker may be able to leak memory.
Credit
Jianjun Dai(Qihoo 360 Alpha Lab)
Affected Software
4 affected componentsFixes available
apple macOS Catalina<10.15.3
10.15.3
apple Mojave
apple High Sierra
Apple iOS and macOS<10.15.3
Event History
Apr 1, 2020
CVE Published
via MITRE·06:09 PM
Data Sourced
via MITRE·06:09 PM
DescriptionWeakness
Peer vulnerabilities
Found alongside the following vulnerabilities.
- CVE-2020-3877
- CVE-2019-11043
- CVE-2020-3857
- CVE-2020-3866
- CVE-2020-3848
- CVE-2020-3849
- CVE-2020-3850
- CVE-2020-3847
- CVE-2020-3835
- CVE-2020-3863
- CVE-2020-9774
- CVE-2020-3827
- CVE-2020-3826
- CVE-2020-3870
- CVE-2020-3878
- CVE-2020-3880
- CVE-2020-3845
- CVE-2020-3837
- CVE-2020-3851
- CVE-2020-3840
- CVE-2020-3875
- CVE-2020-3872
- CVE-2020-3853
- CVE-2020-3836
- CVE-2020-3842
- CVE-2020-3871
- CVE-2020-3846
- CVE-2020-3856
- CVE-2020-3829
- CVE-2020-3830
- CVE-2020-3854
- CVE-2019-18634
- CVE-2020-3855
- CVE-2020-3839
- CVE-2020-3843
- CVE-2020-3838
Frequently Asked Questions
1
What is the vulnerability ID for this issue?
The vulnerability ID for this issue is CVE-2020-3847.
2
What is the title of this vulnerability?
The title of this vulnerability is 'CoreBluetooth. An out-of-bounds read was addressed with improved input validation.'
3
What is the affected software?
The affected software includes macOS Catalina (up to version 10.15.3), Mojave, and High Sierra.
4
How was the vulnerability addressed?
The vulnerability was addressed with improved input validation.
5
Where can I find more information about this vulnerability?
You can find more information about this vulnerability on the Apple Support website: https://support.apple.com/en-us/HT210919