CVE-2020-3908: Input Validation
Published Mar 24, 2020
·Updated
Bluetooth. An out-of-bounds read was addressed with improved input validation.
Other sources
An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.4. A local user may be able to cause unexpected system termination or read kernel memory.
Credit
Yu Wang(Didi Research America)
Affected Software
4 affected componentsFixes available
apple macOS Catalina<10.15.4
10.15.4
apple Mojave
apple High Sierra
Apple iOS and macOS<10.15.4
Event History
Apr 1, 2020
CVE Published
via MITRE·05:52 PM
Data Sourced
via MITRE·05:52 PM
DescriptionWeakness
Peer vulnerabilities
Found alongside the following vulnerabilities.
- CVE-2020-9772
- CVE-2020-3903
- CVE-2020-3904
- CVE-2020-3883
- CVE-2020-6616
- CVE-2020-9853
- CVE-2020-3907
- CVE-2020-3908
- CVE-2020-3912
- CVE-2020-9779
- CVE-2020-3892
- CVE-2020-3893
- CVE-2020-3905
- CVE-2019-8853
- CVE-2020-9776
- CVE-2020-9828
- CVE-2020-3913
- CVE-2020-9829
- CVE-2020-3898
- CVE-2020-3881
- CVE-2020-3886
- CVE-2019-14615
- CVE-2020-3919
- CVE-2020-3851
- CVE-2020-3896
- CVE-2020-3914
- CVE-2020-9785
- CVE-2020-3909
- CVE-2020-3911
- CVE-2020-3910
- CVE-2020-3884
- CVE-2020-3915
- CVE-2020-9775
- CVE-2020-9771
- CVE-2020-3918
- CVE-2019-19232
- CVE-2020-9786
- CVE-2020-3906
- CVE-2020-3889
- CVE-2020-9769
- CVE-2020-9787
- CVE-2020-3902
Frequently Asked Questions
1
What is CVE-2020-3908?
CVE-2020-3908 is a vulnerability in Bluetooth that allows an out-of-bounds read.
2
What is the severity of CVE-2020-3908?
The severity of CVE-2020-3908 is not specified.
3
How does CVE-2020-3908 work?
CVE-2020-3908 works by exploiting an out-of-bounds read vulnerability in Bluetooth.
4
Is macOS Catalina affected by CVE-2020-3908?
Yes, macOS Catalina version 10.15.4 is affected by CVE-2020-3908.
5
How can I fix CVE-2020-3908?
To fix CVE-2020-3908, update your macOS to version 10.15.4 or newer.