CVE-2020-3849: Input Validation
Published Jan 28, 2020
·Updated
CoreBluetooth. A memory corruption issue was addressed with improved input validation.
Other sources
A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.3. A remote attacker may be able to cause unexpected application termination or arbitrary code execution.
Credit
Jianjun Dai(Qihoo 360 Alpha Lab), Jianjun Dai(Qihoo 360 Alpha Lab), Jianjun Dai(Qihoo 360 Alpha Lab)
Affected Software
4 affected componentsFixes available
apple macOS Catalina<10.15.3
10.15.3
apple Mojave
apple High Sierra
Apple iOS and macOS<10.15.3
Event History
Apr 1, 2020
CVE Published
via MITRE·06:09 PM
Data Sourced
via MITRE·06:09 PM
DescriptionWeakness
Peer vulnerabilities
Found alongside the following vulnerabilities.
- CVE-2020-3877
- CVE-2019-11043
- CVE-2020-3857
- CVE-2020-3866
- CVE-2020-3848
- CVE-2020-3849
- CVE-2020-3850
- CVE-2020-3847
- CVE-2020-3835
- CVE-2020-3863
- CVE-2020-9774
- CVE-2020-3827
- CVE-2020-3826
- CVE-2020-3870
- CVE-2020-3878
- CVE-2020-3880
- CVE-2020-3845
- CVE-2020-3837
- CVE-2020-3851
- CVE-2020-3840
- CVE-2020-3875
- CVE-2020-3872
- CVE-2020-3853
- CVE-2020-3836
- CVE-2020-3842
- CVE-2020-3871
- CVE-2020-3846
- CVE-2020-3856
- CVE-2020-3829
- CVE-2020-3830
- CVE-2020-3854
- CVE-2019-18634
- CVE-2020-3855
- CVE-2020-3839
- CVE-2020-3843
- CVE-2020-3838
Frequently Asked Questions
1
What is the vulnerability ID for this issue?
The vulnerability ID for this issue is CVE-2020-3849.
2
What software is affected by this vulnerability?
The affected software includes macOS Catalina (10.15.3), Mojave, and High Sierra.
3
What is the severity of CVE-2020-3849?
The severity of CVE-2020-3849 is not specified.
4
How was the memory corruption issue addressed?
The memory corruption issue was addressed with improved input validation.
5
Where can I find more information about this vulnerability?
You can find more information about this vulnerability on the Apple support website.