CVE-2019-8510: Input Validation
First published: Mon Mar 25 2019(Updated: )
An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A malicious application may be able to determine kernel memory layout.
Credit: Weibo Wang @ma1fan Qihoo 360 Nirvan TeamStefan Esser Antid0te UGWeibo Wang @ma1fan Qihoo 360 Nirvan TeamStefan Esser Antid0te UGWeibo Wang @ma1fan Qihoo 360 Nirvan TeamStefan Esser Antid0te UGWeibo Wang @ma1fan Qihoo 360 Nirvan TeamStefan Esser Antid0te UG product-security@apple.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Apple iOS | <12.2 | 12.2 |
| Apple watchOS | <5.2 | 5.2 |
| Apple iPhone OS | <12.2 | |
| Apple Mac OS X | <10.14.4 | |
| Apple tvOS | <12.2 | |
| Apple watchOS | <5.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://support.apple.com/en-us/HT209599 (Advisory)
- https://support.apple.com/en-us/HT209600 (Advisory)
- https://support.apple.com/en-us/HT209601 (Advisory)
- https://support.apple.com/en-us/HT209602 (Advisory)
- https://support.apple.com/HT209599
- https://support.apple.com/HT209600
- https://support.apple.com/HT209601
- https://support.apple.com/HT209602
Peer vulnerabilities
(Found alongside the following vulnerabilities)
- CVE-2019-6203
- CVE-2019-8531
- CVE-2019-8538
- CVE-2019-8534
- CVE-2019-8555
- CVE-2019-6239
- CVE-2019-8516
- CVE-2019-8552
- CVE-2019-8511
- CVE-2019-8542
- CVE-2019-8522
- CVE-2019-8550
- CVE-2019-8777
- CVE-2019-8565
- CVE-2019-8521
- CVE-2019-8906
- CVE-2019-8519
- CVE-2019-8533
- CVE-2019-8545
- CVE-2019-8504
- CVE-2019-8529
- CVE-2018-4448
- CVE-2019-5608
- CVE-2019-8527
- CVE-2019-8528
- CVE-2019-8508
- CVE-2019-8514
- CVE-2019-8540
- CVE-2019-7293
- CVE-2019-6207
- CVE-2019-8510
- CVE-2019-8547
- CVE-2019-8525
- CVE-2018-4433
- CVE-2019-8642
- CVE-2019-8645
- CVE-2019-8546
- CVE-2019-8579
- CVE-2019-8537
- CVE-2019-8561
- CVE-2018-12015
- CVE-2018-18311
- CVE-2018-18313
- CVE-2019-8549
- CVE-2019-8507
- CVE-2019-8618
- CVE-2019-8526
- CVE-2019-8520
- CVE-2019-8502
- CVE-2019-8513
- CVE-2019-8569
- CVE-2019-8517
- CVE-2019-8564
- CVE-2019-8612
- CVE-2019-8567
- CVE-2019-6238
- CVE-2019-8530
- CVE-2019-7286
- CVE-2019-8553
- CVE-2019-8532
- CVE-2019-8548
- CVE-2019-8541
- CVE-2019-8536
- CVE-2019-8544
- CVE-2019-8506
- CVE-2019-8518
- CVE-2019-8558
- CVE-2019-8559
- CVE-2019-8563
- CVE-2019-8638
- CVE-2019-8639
- CVE-2019-7292
- CVE-2019-8551
- CVE-2019-8535
- CVE-2019-6201
- CVE-2019-8523
- CVE-2019-8524
- CVE-2019-8562
- CVE-2019-8515
- CVE-2019-7285
- CVE-2019-8556
- CVE-2019-8503
- CVE-2019-8512
- CVE-2019-7284
- CVE-2019-8566
- CVE-2019-8554
- CVE-2019-6204
- CVE-2019-8505
- CVE-2019-6222
Frequently Asked Questions
What is the vulnerability ID?
The vulnerability ID is CVE-2019-8510.
What is the severity level of CVE-2019-8510?
The severity level of CVE-2019-8510 is medium.
Which systems are affected by CVE-2019-8510?
iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, and watchOS 5.2 are affected by CVE-2019-8510.
How was CVE-2019-8510 fixed?
CVE-2019-8510 was fixed with improved input validation in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, and watchOS 5.2.
What can a malicious application do with CVE-2019-8510?
A malicious application may be able to determine kernel memory layout with CVE-2019-8510.
- agent/type
- agent/first-publish-date
- collector/apple-support
- alias/CVE-2019-8510
- agent/software-canonical-lookup-request
- agent/last-modified-date
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/event
- agent/weakness
- agent/references
- agent/severity
- agent/author
- agent/description
- collector/mitre-cve
- source/MITRE
- vendor/apple
- canonical/apple macos mojave
- canonical/apple high sierra
- canonical/apple sierra
- canonical/apple watchos
- canonical/apple iphone os
- canonical/apple mac os x
- canonical/apple tvos
- canonical/apple ios