CVE-2020-3904: Critical severity macos catalina vulnerability

Q: What is CVE-2020-3904?

CVE-2020-3904 is a vulnerability in AppleGraphicsControl that allows for multiple memory corruption issues.

Q: How can macOS Catalina users be affected by CVE-2020-3904?

macOS Catalina version 10.15.4 and earlier are affected by CVE-2020-3904.

Q: Which versions of macOS Mojave are affected by CVE-2020-3904?

All versions of macOS Mojave are affected by CVE-2020-3904.

Q: Are High Sierra users affected by CVE-2020-3904?

Yes, High Sierra is also affected by CVE-2020-3904.

Q: How can I fix CVE-2020-3904?

To fix CVE-2020-3904, update your macOS to version 10.15.5 or later.

Published Mar 24, 2020

Updated

AppleGraphicsControl. Multiple memory corruption issues were addressed with improved state management.

Other sources

Multiple memory corruption issues were addressed with improved state management. This issue is fixed in macOS Catalina 10.15.4. A malicious application may be able to execute arbitrary code with kernel privileges.

Credit

Proteas(Qihoo 360 Nirvan Team)

Affected Software

4 affected componentsFixes available

apple macOS Catalina<10.15.4

10.15.4

apple Mojave

apple High Sierra

Apple iOS and macOS<10.15.4

Event History

Apr 1, 2020

CVE Published

via MITRE·05:51 PM

Data Sourced

via MITRE·05:51 PM

DescriptionWeakness

Parent advisories

This vulnerability appears in the following advisories.

HT211100

Frequently Asked Questions

What is CVE-2020-3904?

CVE-2020-3904 is a vulnerability in AppleGraphicsControl that allows for multiple memory corruption issues.

How can macOS Catalina users be affected by CVE-2020-3904?

macOS Catalina version 10.15.4 and earlier are affected by CVE-2020-3904.

Which versions of macOS Mojave are affected by CVE-2020-3904?

All versions of macOS Mojave are affected by CVE-2020-3904.

Are High Sierra users affected by CVE-2020-3904?