CVE-2020-27910

State: PUBLISHED · Published: 2020-12-08 · Updated: 2024-08-04 · Assigner: apple

Description

An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.0.1, iOS 14.2 and iPadOS 14.2, tvOS 14.2, watchOS 7.1. Processing a maliciously crafted audio file may lead to arbitrary code execution.

CWE

(none)

Affected

Apple / watchOS — v=unspecified <7.1 [affected]
Apple / iOS and iPadOS — v=unspecified <14.2 [affected]
Apple / tvOS — v=unspecified <14.2 [affected]
Apple / macOS — v=unspecified <11.0 [affected]

CVSS

(none)

References

https://support.apple.com/en-us/HT211931 x_refsource_MISC
https://support.apple.com/en-us/HT211928 x_refsource_MISC
https://support.apple.com/en-us/HT211929 x_refsource_MISC
https://support.apple.com/en-us/HT211930 x_refsource_MISC
https://support.apple.com/kb/HT212011 x_refsource_CONFIRM
http://seclists.org/fulldisclosure/2020/Dec/32 mailing-list, x_refsource_FULLDISC
http://seclists.org/fulldisclosure/2020/Dec/26 mailing-list, x_refsource_FULLDISC

Source

cvelistV5-main/cves/2020/27xxx/CVE-2020-27910.json