What is the vulnerability ID for this issue?

The vulnerability ID for this issue is CVE-2019-8767.

What is the severity of CVE-2019-8767?

CVE-2019-8767 has a severity rating of 9.8 (Critical).

How does this vulnerability affect macOS Catalina?

This vulnerability affects macOS Catalina versions up to and exclusive of 10.15.1.

What is the recommended remedy for this vulnerability?

The recommended remedy for this vulnerability is to update to macOS Catalina 10.15.1 or install the corresponding security updates (Security Update 2019-001, Security Update 2019-006).

Vulnerability/
CVE-2019-8767

critical

9.8

CWE

787

7/10/2019

27/10/2020

21/7/2021

CVE-2019-8767

First published: Mon Oct 07 2019(Updated: )

A memory consumption issue was addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, macOS Catalina 10.15. Processing a maliciously crafted string may lead to heap corruption.

Credit: product-security@apple.com Stephen Zeisberg Stephen Zeisberg

Affected Software	Affected Version	How to fix
Apple Mac OS X	<10.15
Apple macOS Catalina	<10.15	10.15
Apple macOS Catalina	<10.15.1	10.15.1

Never miss a vulnerability like this again

Reference Links

https://support.apple.com/en-us/HT210634 (Advisory)
https://support.apple.com/en-us/HT210722 (Advisory)

Parent vulnerabilities

(Appears in the following advisories)

Peer vulnerabilities

(Found alongside the following vulnerabilities)

CVE-2019-8748
CVE-2019-11041
CVE-2019-11042
CVE-2019-8706
CVE-2019-8850
CVE-2019-8774
CVE-2019-8753
CVE-2019-8705
CVE-2019-8592
CVE-2019-8741
CVE-2019-8825
CVE-2019-8757
CVE-2019-8736
CVE-2019-8767
CVE-2019-8737
CVE-2019-8776
CVE-2019-8509
CVE-2019-8746
CVE-2018-12152
CVE-2018-12153
CVE-2018-12154
CVE-2019-8759
CVE-2019-8758
CVE-2019-8755
CVE-2019-8703
CVE-2019-8809
CVE-2019-8744
CVE-2019-8717
CVE-2019-8709
CVE-2019-8781
CVE-2019-8749
CVE-2019-8756
CVE-2019-8750
CVE-2019-8799
CVE-2019-8826
CVE-2019-8730
CVE-2019-8772
CVE-2019-8708
CVE-2019-8715
CVE-2019-8855
CVE-2019-8770
CVE-2019-8701
CVE-2019-8761
CVE-2019-8745
CVE-2019-8831
CVE-2019-8769
CVE-2019-8768
CVE-2019-8854
CVE-2019-8787
CVE-2019-8796
CVE-2019-8824
CVE-2019-8803
CVE-2019-8817
CVE-2019-8716
CVE-2019-8788
CVE-2019-8785
CVE-2019-8797
CVE-2019-8789
CVE-2017-7152
CVE-2019-8798
CVE-2019-8784
CVE-2019-8807
CVE-2019-8801
CVE-2019-8794
CVE-2019-8786
CVE-2019-8829
CVE-2019-8802
CVE-2019-8858
CVE-2019-8805
CVE-2019-8754
CVE-2019-15126

Frequently Asked Questions

What is the vulnerability ID for this issue?
The vulnerability ID for this issue is CVE-2019-8767.
What is the severity of CVE-2019-8767?
CVE-2019-8767 has a severity rating of 9.8 (Critical).
How does this vulnerability affect macOS Catalina?
This vulnerability affects macOS Catalina versions up to and exclusive of 10.15.1.
What is the recommended remedy for this vulnerability?
The recommended remedy for this vulnerability is to update to macOS Catalina 10.15.1 or install the corresponding security updates (Security Update 2019-001, Security Update 2019-006).
What could happen if a maliciously crafted string is processed with this vulnerability?
Processing a maliciously crafted string may lead to heap corruption.

collector/nvd-index
collector/apple-support
agent/references
agent/severity
agent/weakness
agent/author
agent/tags
agent/description
agent/event
agent/type
agent/last-modified-date
agent/softwarecombine
agent/first-publish-date
vendor/apple
canonical/apple mac os x
canonical/apple macos catalina