CVE-2020-29616: Input Validation
First published: Mon Dec 14 2020(Updated: )
A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave. Processing a maliciously crafted image may lead to arbitrary code execution.
Credit: product-security@apple.com zhouat Trend Micro Zero Day Initiative
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Apple macOS Big Sur | <11.1 | 11.1 |
| Apple Catalina | ||
| Apple Mojave | ||
| Apple Mac OS X | >=10.14<10.14.6 | |
| Apple Mac OS X | >=10.15<10.15.7 | |
| Apple Mac OS X | =10.14.6 | |
| Apple Mac OS X | =10.14.6-security_update_2019-004 | |
| Apple Mac OS X | =10.14.6-security_update_2019-005 | |
| Apple Mac OS X | =10.14.6-security_update_2019-006 | |
| Apple Mac OS X | =10.14.6-security_update_2019-007 | |
| Apple Mac OS X | =10.14.6-security_update_2020-002 | |
| Apple Mac OS X | =10.14.6-security_update_2020-003 | |
| Apple Mac OS X | =10.14.6-security_update_2020-004 | |
| Apple Mac OS X | =10.14.6-security_update_2020-005 | |
| Apple Mac OS X | =10.14.6-security_update_2020-006 | |
| Apple Mac OS X | =10.14.6-supplemental_update | |
| Apple Mac OS X | =10.14.6-supplemental_update_2 | |
| Apple Mac OS X | =10.15.7 | |
| Apple Mac OS X | =10.15.7-supplemental_update | |
| Apple macOS | >=11.0<11.1.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://support.apple.com/en-us/HT212011 (Advisory)
Peer vulnerabilities
(Found alongside the following vulnerabilities)
- CVE-2020-27914
- CVE-2020-27915
- CVE-2020-27936
- CVE-2020-27903
- CVE-2020-27941
- CVE-2020-29621
- CVE-2020-29610
- CVE-2020-27910
- CVE-2020-9943
- CVE-2020-9944
- CVE-2020-27916
- CVE-2020-27906
- CVE-2020-27948
- CVE-2020-27908
- CVE-2020-9960
- CVE-2020-10017
- CVE-2020-27922
- CVE-2020-10001
- CVE-2020-27946
- CVE-2020-9962
- CVE-2020-27952
- CVE-2020-9956
- CVE-2020-27931
- CVE-2020-27943
- CVE-2020-27944
- CVE-2020-29624
- CVE-2020-29608
- CVE-2020-10002
- CVE-2020-27947
- CVE-2020-29612
- CVE-2020-9978
- CVE-2020-27939
- CVE-2020-29625
- CVE-2020-29615
- CVE-2020-29616
- CVE-2020-27924
- CVE-2020-29618
- CVE-2020-29611
- CVE-2020-29617
- CVE-2020-29619
- CVE-2020-27912
- CVE-2020-27923
- CVE-2020-27919
- CVE-2020-10015
- CVE-2020-27897
- CVE-2020-27907
- CVE-2020-9974
- CVE-2020-10016
- CVE-2020-9967
- CVE-2020-9975
- CVE-2020-27921
- CVE-2020-27949
- CVE-2020-29620
- CVE-2020-27911
- CVE-2020-27920
- CVE-2020-27926
- CVE-2020-10014
- CVE-2020-10010
- CVE-2020-29633
- CVE-2020-29614
- CVE-2020-13520
- CVE-2020-9972
- CVE-2020-13524
- CVE-2020-10004
- CVE-2020-27901
- CVE-2020-27938
- CVE-2020-10007
- CVE-2020-10012
- CVE-2020-27896
- CVE-2020-10009
- CVE-2020-29623
- CVE-2020-15969
- CVE-2020-27898
Frequently Asked Questions
What is CVE-2020-29616?
CVE-2020-29616 is a memory corruption issue in ImageIO that was addressed with improved input validation.
What software is affected by CVE-2020-29616?
CVE-2020-29616 affects macOS Big Sur (up to version 11.1), Apple Catalina, and Apple Mojave.
How can I fix CVE-2020-29616?
To fix CVE-2020-29616, ensure you have installed the latest updates for macOS Big Sur, Apple Catalina, and Apple Mojave.
What is the severity of CVE-2020-29616?
The severity of CVE-2020-29616 is not specified in the provided information.
Where can I find more information about CVE-2020-29616?
You can find more information about CVE-2020-29616 on the Apple support website: https://support.apple.com/en-us/HT212011
- collector/nvd-index
- agent/severity
- agent/weakness
- agent/references
- agent/author
- agent/description
- agent/type
- agent/event
- agent/first-publish-date
- agent/softwarecombine
- agent/last-modified-date
- collector/apple-support
- agent/software-canonical-lookup-request
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/apple
- canonical/apple mac os x
- version/apple mac os x/10.14
- version/apple mac os x/10.15
- version/apple mac os x/10.14.6
- version/apple mac os x/10.14.6-security_update_2019-004
- version/apple mac os x/10.14.6-security_update_2019-005
- version/apple mac os x/10.14.6-security_update_2019-006
- version/apple mac os x/10.14.6-security_update_2019-007
- version/apple mac os x/10.14.6-security_update_2020-002
- version/apple mac os x/10.14.6-security_update_2020-003
- version/apple mac os x/10.14.6-security_update_2020-004
- version/apple mac os x/10.14.6-security_update_2020-005
- version/apple mac os x/10.14.6-security_update_2020-006
- version/apple mac os x/10.14.6-supplemental_update
- version/apple mac os x/10.14.6-supplemental_update_2
- version/apple mac os x/10.15.7
- version/apple mac os x/10.15.7-supplemental_update
- canonical/apple macos
- version/apple macos/11.0
- canonical/apple macos big sur
- canonical/apple catalina
- canonical/apple mojave