CVE-2020-3860: Input Validation
A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 13.3.1 and iPadOS 13.3.1, watchOS 6.1.2. An application may be able to execute arbitrary code with kernel privileges.
Other sources
Kernel. A memory corruption issue was addressed with improved input validation.
Credit
Affected Software
Event History
Peer vulnerabilities
Found alongside the following vulnerabilities.
- CVE-2020-3877
- CVE-2020-3857
- CVE-2020-3855
- CVE-2020-3826
- CVE-2020-3870
- CVE-2020-3878
- CVE-2020-3880
- CVE-2020-3837
- CVE-2019-8836
- CVE-2020-3875
- CVE-2020-3836
- CVE-2020-3872
- CVE-2020-3842
- CVE-2020-3834
- CVE-2020-3860
- CVE-2020-3853
- CVE-2020-3846
- CVE-2020-3856
- CVE-2020-3829
- CVE-2020-3838
- CVE-2020-3869
- CVE-2020-3840
- CVE-2020-3858
- CVE-2020-3831
- CVE-2020-3873
- CVE-2020-3859
- CVE-2020-3844
- CVE-2020-3828
- CVE-2020-3841
- CVE-2020-3874
- CVE-2020-3862
- CVE-2020-3825
- CVE-2020-3868
- CVE-2020-3867
- CVE-2020-3864
- CVE-2020-3865
- CVE-2020-3843
Frequently Asked Questions
What is CVE-2020-3860?
CVE-2020-3860 is a kernel memory corruption issue addressed with improved input validation.
Which software are affected by CVE-2020-3860?
The software affected by CVE-2020-3860 are Apple watchOS 6.1.2, Apple iOS up to and excluding 13.3.1, and Apple iPadOS up to and excluding 13.3.1.
What is the severity of CVE-2020-3860?
The severity of CVE-2020-3860 is not specified.
How can I fix CVE-2020-3860?
To fix CVE-2020-3860, update your Apple watchOS to version 6.1.2, iOS to a version later than 13.3.1, or iPadOS to a version later than 13.3.1.
Where can I find more information about CVE-2020-3860?
You can find more information about CVE-2020-3860 on the Apple support website using the following links: [support.apple.com/en-us/HT210921](https://support.apple.com/en-us/HT210921) and [support.apple.com/en-us/HT210918](https://support.apple.com/en-us/HT210918).