ID

VAR-202010-0146


CVE

CVE-2019-8838


TITLE

plural Apple Product Corruption Vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2019-015880

DESCRIPTION

A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.3 and iPadOS 13.3, watchOS 6.1.1, macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra, tvOS 13.3. An application may be able to execute arbitrary code with kernel privileges. Kernel components in several Apple products have security vulnerabilities. The following products and versions are affected: Apple macOS Catalina before 10.15.2; iOS before 13.3; iPadOS before 13.3; watchOS before 6.1.1; tvOS before 13.3. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2019-12-10-1 iOS 13.3 and iPadOS 13.3 iOS 13.3 and iPadOS 13.3 is now available and addresses the following: CallKit Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: Calls made using Siri may be initiated using the wrong cellular plan on devices with two active plans Description: An API issue existed in the handling of outgoing phone calls initiated with Siri. CVE-2019-8856: Fabrice TERRANCLE of TERRANCLE SARL CFNetwork Proxies Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: An application may be able to gain elevated privileges Description: This issue was addressed with improved checks. CVE-2019-8848: Zhuo Liang of Qihoo 360 Vulcan Team FaceTime Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: Processing malicious video via FaceTime may lead to arbitrary code execution Description: An out-of-bounds read was addressed with improved input validation. CVE-2019-8830: Natalie Silvanovich of Google Project Zero IOSurfaceAccelerator Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: An application may be able to execute arbitrary code with kernel privileges Description: An information disclosure issue was addressed by removing the vulnerable code. CVE-2019-8841: Corellium IOUSBDeviceFamily Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2019-8836: Xiaolong Bai and Min (Spark) Zheng of Alibaba Inc. and Luyi Xing of Indiana University Bloomington Kernel Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed by removing the vulnerable code. CVE-2019-8833: Ian Beer of Google Project Zero Kernel Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2019-8828: Cim Stordal of Cognite CVE-2019-8838: Dr Silvio Cesare of InfoSect libexpat Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: Parsing a maliciously crafted XML file may lead to disclosure of user information Description: This issue was addressed by updating to expat version 2.2.8. CVE-2019-15903: Joonun Jang Photos Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: Live Photo audio and video data may be shared via iCloud links even if Live Photo is disabled in the Share Sheet carousel Description: The issue was addressed with improved validation when an iCloud Link is created. CVE-2019-8857: Tor Bruce Security Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2019-8832: Insu Yun of SSLab at Georgia Tech WebKit Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2019-8835: Anonymous working with Trend Micro's Zero Day Initiative, Mike Zhang of Pangu Team CVE-2019-8844: William Bowling (@wcbowling) WebKit Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4 and later, and iPod touch 7th generation Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A use after free issue was addressed with improved memory management. CVE-2019-8846: Marcin Towalski of Cisco Talos Additional recognition Accounts We would like to acknowledge Kishan Bagaria (KishanBagaria.com <http://kishanbagaria.com/>) and Tom Snelling of Loughborough University for their assistance. Core Data We would like to acknowledge Natalie Silvanovich of Google Project Zero for their assistance. Settings We would like to acknowledge an anonymous researcher for their assistance. Installation note: This update is available through iTunes and Software Update on your iOS device, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an Internet connection and have installed the latest version of iTunes from https://www.apple.com/itunes/ <https://www.apple.com/itunes/> iTunes and Software Update on the device will automatically check Apple's update server on its weekly schedule. When an update is detected, it is downloaded and the option to be installed is presented to the user when the iOS device is docked. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iOS device. The automatic update process may take up to a week depending on the day that iTunes or the device checks for updates. You may manually obtain the update via the Check for Updates button within iTunes, or the Software Update on your device. To check that the iPhone, iPod touch, or iPad has been updated: * Navigate to Settings * Select General * Select About. The version after applying this update will be "iOS 13.3 and iPadOS 13.3". Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 <https://support.apple.com/kb/HT201222> This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ <https://www.apple.com/support/security/pgp/> -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEM5FaaFRjww9EJgvRBz4uGe3y0M0FAl3wFpoACgkQBz4uGe3y 0M18fQ//WhVI4LKBRFvq8A5p7T8wwMklItFubvFzcxAec3ZHIYAXTTLpvZWNKCrc wvqlPkNBs1onvaq6LPddeL9uMWgBB0iiks6HX5oRrHuvutiRGC1n8VzJCgW8BWwI 7CNFNBXl4iBflupZlCnSdbwbDkJSyNN+DvouxzfXMqbpdnjV1NVNtlM/WrdFnVgU vqAnxY7FEFrwgyU/zAbfyo5S4qJ2fRC9MPiO3Tiq+abVEcprQ4wSmKJUtgvgudOX witjbU8I9eKz2H5jq555gkq4yZVHjg7vDhj1Ln1Zm2bO2PM5A6dsXsSCwzIYaqvF /wbrOuVbw1f1F4mD8Oq7IFHXsoWysUnOPEApeKE7L0XvH7CmCDccd7k9txOIRWRt 2rj+8YqGvo1fXKnIULVgtltbnxMKhZJO6ISZnTQ+3CnNfWEgXx+dNVDBB1HIGooJ JkpldVmjNXBts/DV0FEZXbYLVWCk90D0sSeMTE64v9U6v690JVGoXHynhYhui4IX gSbbcvwslD8MLHyK1E29t7X3XdIGVuzcq+OJ7oFn7T1lX14UflvKRNkEDDfc4Tsj lllrvrU084mWQaryldWIGzDNDT7O4RDsTCKzEPYSqXm3mxP13jZj1sDv1f1/2FdQ GmjCFIvlnYZeHB2mbStt3T9LXe7tuaF1TIYnG103h/SQEmwfiOk= =m//a -----END PGP SIGNATURE----- . Alternatively, on your watch, select "My Watch > General > About"

Trust: 2.07

sources: NVD: CVE-2019-8838 // JVNDB: JVNDB-2019-015880 // VULHUB: VHN-160273 // VULMON: CVE-2019-8838 // PACKETSTORM: 155643 // PACKETSTORM: 155670 // PACKETSTORM: 155640

AFFECTED PRODUCTS

vendor:applemodel:ipadosscope:ltversion:13.3

Trust: 1.0

vendor:applemodel:mac os xscope:ltversion:10.15.2

Trust: 1.0

vendor:applemodel:watchosscope:ltversion:6.1.1

Trust: 1.0

vendor:applemodel:iphone osscope:ltversion:13.3

Trust: 1.0

vendor:applemodel:tvosscope:ltversion:13.3

Trust: 1.0

vendor:applemodel:ipadosscope:eqversion:13.3 未満 (ipad mini 4 以降)

Trust: 0.8

vendor:applemodel:iosscope:eqversion:13.3 未満 (iphone 6s 以降)

Trust: 0.8

vendor:applemodel:mac os xscope:eqversion:10.13.6

Trust: 0.8

vendor:applemodel:watchosscope:eqversion:6.1.1 未満 (apple watch series 1 以降)

Trust: 0.8

vendor:applemodel:mac os xscope:eqversion:10.14.6

Trust: 0.8

vendor:applemodel:iosscope:eqversion:13.3 未満 (ipod touch 第 7 世代)

Trust: 0.8

vendor:applemodel:ipadosscope:eqversion:13.3 未満 (ipad air 2 以降)

Trust: 0.8

vendor:applemodel:tvosscope:eqversion:13.3 未満 (apple tv 4k)

Trust: 0.8

vendor:applemodel:tvosscope:eqversion:13.3 未満 (apple tv hd)

Trust: 0.8

vendor:applemodel:mac os xscope:eqversion:10.15

Trust: 0.8

sources: JVNDB: JVNDB-2019-015880 // NVD: CVE-2019-8838

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2019-8838
value: HIGH

Trust: 1.0

NVD: JVNDB-2019-015880
value: HIGH

Trust: 0.8

CNNVD: CNNVD-201912-490
value: HIGH

Trust: 0.6

VULHUB: VHN-160273
value: HIGH

Trust: 0.1

VULMON: CVE-2019-8838
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2019-8838
severity: HIGH
baseScore: 9.3
vectorString: AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.1

NVD: JVNDB-2019-015880
severity: HIGH
baseScore: 9.3
vectorString: AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

VULHUB: VHN-160273
severity: HIGH
baseScore: 9.3
vectorString: AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2019-8838
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: JVNDB-2019-015880
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-160273 // VULMON: CVE-2019-8838 // JVNDB: JVNDB-2019-015880 // CNNVD: CNNVD-201912-490 // NVD: CVE-2019-8838

PROBLEMTYPE DATA

problemtype:CWE-787

Trust: 1.0

problemtype:CWE-119

Trust: 0.9

sources: VULHUB: VHN-160273 // JVNDB: JVNDB-2019-015880 // NVD: CVE-2019-8838

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-201912-490

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-201912-490

CONFIGURATIONS

sources: JVNDB: JVNDB-2019-015880

PATCH

title:HT210785url:https://support.apple.com/en-us/HT210785

Trust: 0.8

title:HT210788url:https://support.apple.com/en-us/HT210788

Trust: 0.8

title:HT210789url:https://support.apple.com/en-us/HT210789

Trust: 0.8

title:HT210790url:https://support.apple.com/en-us/HT210790

Trust: 0.8

title:HT210785url:https://support.apple.com/ja-jp/HT210785

Trust: 0.8

title:HT210788url:https://support.apple.com/ja-jp/HT210788

Trust: 0.8

title:HT210789url:https://support.apple.com/ja-jp/HT210789

Trust: 0.8

title:HT210790url:https://support.apple.com/ja-jp/HT210790

Trust: 0.8

title:Multiple Apple product Kernel Fixes for component security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=105338

Trust: 0.6

title:Apple: watchOS 6.1.1url:https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories&qid=d070c4235862ff7520377ed51b851242

Trust: 0.1

title:Apple: tvOS 13.3url:https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories&qid=47fac1737cdf117ddff1611c1b055dc6

Trust: 0.1

title:Apple: iOS 13.3 and iPadOS 13.3url:https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories&qid=b7ac13606c61b1f11a22b4bfa7f9975c

Trust: 0.1

title:Apple: macOS Catalina 10.15.2, Security Update 2019-002 Mojave, Security Update 2019-007 High Sierraurl:https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories&qid=08bd56f44c2e4cba8f5786d79b2ebe2d

Trust: 0.1

sources: VULMON: CVE-2019-8838 // JVNDB: JVNDB-2019-015880 // CNNVD: CNNVD-201912-490

EXTERNAL IDS

db:NVDid:CVE-2019-8838

Trust: 2.9

db:JVNid:JVNVU99404393

Trust: 0.8

db:JVNDBid:JVNDB-2019-015880

Trust: 0.8

db:CNNVDid:CNNVD-201912-490

Trust: 0.7

db:PACKETSTORMid:155670

Trust: 0.7

db:AUSCERTid:ESB-2019.4632

Trust: 0.6

db:VULHUBid:VHN-160273

Trust: 0.1

db:VULMONid:CVE-2019-8838

Trust: 0.1

db:PACKETSTORMid:155643

Trust: 0.1

db:PACKETSTORMid:155640

Trust: 0.1

sources: VULHUB: VHN-160273 // VULMON: CVE-2019-8838 // JVNDB: JVNDB-2019-015880 // PACKETSTORM: 155643 // PACKETSTORM: 155670 // PACKETSTORM: 155640 // CNNVD: CNNVD-201912-490 // NVD: CVE-2019-8838

REFERENCES

url:https://support.apple.com/en-us/ht210785

Trust: 1.8

url:https://support.apple.com/en-us/ht210788

Trust: 1.8

url:https://support.apple.com/en-us/ht210789

Trust: 1.8

url:https://support.apple.com/en-us/ht210790

Trust: 1.8

url:https://nvd.nist.gov/vuln/detail/cve-2019-8838

Trust: 1.7

url:https://support.apple.com/kb/ht201222

Trust: 0.9

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-8838

Trust: 0.8

url:http://jvn.jp/vu/jvnvu99404393/index.html

Trust: 0.8

url:https://vigilance.fr/vulnerability/apple-macos-multiple-vulnerabilities-31121

Trust: 0.6

url:https://packetstormsecurity.com/files/155670/apple-security-advisory-2019-12-10-1.html

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2019.4632/

Trust: 0.6

url:https://nvd.nist.gov/vuln/detail/cve-2019-8832

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2019-8848

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2019-15903

Trust: 0.3

url:https://www.apple.com/support/security/pgp/

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2019-8836

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2019-8844

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2019-8828

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2019-8830

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2019-8833

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2019-8846

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2019-8835

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2019-8856

Trust: 0.2

url:https://cwe.mitre.org/data/definitions/119.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://exchange.xforce.ibmcloud.com/vulnerabilities/172831

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-8841

Trust: 0.1

url:https://www.apple.com/itunes/

Trust: 0.1

url:http://kishanbagaria.com/>)

Trust: 0.1

url:https://www.apple.com/support/security/pgp/>

Trust: 0.1

url:https://support.apple.com/kb/ht201222>

Trust: 0.1

url:https://www.apple.com/itunes/>

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-8857

Trust: 0.1

url:https://support.apple.com/kb/ht204641

Trust: 0.1

sources: VULHUB: VHN-160273 // VULMON: CVE-2019-8838 // JVNDB: JVNDB-2019-015880 // PACKETSTORM: 155643 // PACKETSTORM: 155670 // PACKETSTORM: 155640 // CNNVD: CNNVD-201912-490 // NVD: CVE-2019-8838

CREDITS

Apple

Trust: 0.9

sources: PACKETSTORM: 155643 // PACKETSTORM: 155670 // PACKETSTORM: 155640 // CNNVD: CNNVD-201912-490

SOURCES

db:VULHUBid:VHN-160273
db:VULMONid:CVE-2019-8838
db:JVNDBid:JVNDB-2019-015880
db:PACKETSTORMid:155643
db:PACKETSTORMid:155670
db:PACKETSTORMid:155640
db:CNNVDid:CNNVD-201912-490
db:NVDid:CVE-2019-8838

LAST UPDATE DATE

2024-08-14T12:22:33.174000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-160273date:2020-10-28T00:00:00
db:VULMONid:CVE-2019-8838date:2020-10-28T00:00:00
db:JVNDBid:JVNDB-2019-015880date:2021-01-28T05:11:41
db:CNNVDid:CNNVD-201912-490date:2021-08-16T00:00:00
db:NVDid:CVE-2019-8838date:2021-07-21T11:39:23.747

SOURCES RELEASE DATE

db:VULHUBid:VHN-160273date:2020-10-27T00:00:00
db:VULMONid:CVE-2019-8838date:2020-10-27T00:00:00
db:JVNDBid:JVNDB-2019-015880date:2021-01-28T05:11:41
db:PACKETSTORMid:155643date:2019-12-12T00:18:11
db:PACKETSTORMid:155670date:2019-12-14T12:22:22
db:PACKETSTORMid:155640date:2019-12-12T00:16:21
db:CNNVDid:CNNVD-201912-490date:2019-12-11T00:00:00
db:NVDid:CVE-2019-8838date:2020-10-27T20:15:20.893