CVE-2019-8744

MEDIUM

iPhone OS < 13.1 - Out-of-bounds Write via IPv6 Packet Handling

Title source: llm
STIX 2.1

Description

A memory corruption issue existed in the handling of IPv6 packets. This issue was addressed with improved memory management. This issue is fixed in macOS Catalina 10.15, tvOS 13, macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, watchOS 6, iOS 13. A malicious application may be able to determine kernel memory layout.

References (5)

Core 5
Core References
Vendor Advisory x_refsource_misc
https://support.apple.com/en-us/HT210634
Vendor Advisory x_refsource_misc
https://support.apple.com/en-us/HT210722
Vendor Advisory x_refsource_misc
https://support.apple.com/en-us/HT210604
Vendor Advisory x_refsource_misc
https://support.apple.com/en-us/HT210606
Vendor Advisory x_refsource_misc
https://support.apple.com/en-us/HT210607

Scores

CVSS v3 5.5
EPSS 0.0089
EPSS Percentile 55.1%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Details

CWE
CWE-787
Status published
Products (4)
apple/iphone_os < 13.1
apple/mac_os_x < 10.15
apple/tvos < 13
apple/watchos < 6.0
Published Oct 27, 2020
Tracked Since Feb 18, 2026