CVE-2020-9844
Severity CVSS v4.0:
Pending analysis
Type:
CWE-415
Double Free
Publication date:
09/06/2020
Last modified:
09/01/2023
Description
A double free issue was addressed with improved memory management. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5. A remote attacker may be able to cause unexpected system termination or corrupt kernel memory.
Impact
Base Score 3.x
7.50
Severity 3.x
HIGH
Base Score 2.0
7.80
Severity 2.0
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:* | 13.5 (excluding) | |
| cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:* | 13.5 (excluding) | |
| cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:* | 10.13 (including) | 10.13.6 (excluding) |
| cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:* | 10.14 (including) | 10.14.6 (excluding) |
| cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:* | 10.15 (including) | 10.15.5 (excluding) |
| cpe:2.3:o:apple:mac_os_x:10.13.6:-:*:*:*:*:*:* | ||
| cpe:2.3:o:apple:mac_os_x:10.13.6:security_update_2018-002:*:*:*:*:*:* | ||
| cpe:2.3:o:apple:mac_os_x:10.13.6:security_update_2018-003:*:*:*:*:*:* | ||
| cpe:2.3:o:apple:mac_os_x:10.13.6:security_update_2019-001:*:*:*:*:*:* | ||
| cpe:2.3:o:apple:mac_os_x:10.13.6:security_update_2019-002:*:*:*:*:*:* | ||
| cpe:2.3:o:apple:mac_os_x:10.13.6:security_update_2019-003:*:*:*:*:*:* | ||
| cpe:2.3:o:apple:mac_os_x:10.13.6:security_update_2019-004:*:*:*:*:*:* | ||
| cpe:2.3:o:apple:mac_os_x:10.13.6:security_update_2019-005:*:*:*:*:*:* | ||
| cpe:2.3:o:apple:mac_os_x:10.13.6:security_update_2019-006:*:*:*:*:*:* | ||
| cpe:2.3:o:apple:mac_os_x:10.13.6:security_update_2019-007:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page