CVE-2020-3851: Use After Free
First published: Tue Jan 28 2020(Updated: )
A use after free issue was addressed with improved memory management. This issue is fixed in macOS Catalina 10.15.4, Security Update 2020-002 Mojave, Security Update 2020-002 High Sierra, macOS Catalina 10.15.3, Security Update 2020-001 Mojave, Security Update 2020-001 High Sierra. An application may be able to gain elevated privileges.
Credit: Xiaolong Bai Min (Spark) Zheng Alibaba IncLuyi Xing Indiana University BloomingtonXiaolong Bai Min (Spark) Zheng Alibaba IncLuyi Xing Indiana University Bloomington product-security@apple.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Apple Mac OS X | >=10.15.2<10.15.3 | |
| Apple Mac OS X | >=10.13.6<10.15.4 | |
| Apple macOS Catalina | <10.15.3 | 10.15.3 |
| Apple Mojave | ||
| Apple High Sierra |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://support.apple.com/en-us/HT210919 (Advisory)
- https://support.apple.com/en-us/HT211100 (Advisory)
Peer vulnerabilities
(Found alongside the following vulnerabilities)
- CVE-2020-3877
- CVE-2019-11043
- CVE-2020-3857
- CVE-2020-3866
- CVE-2020-3848
- CVE-2020-3849
- CVE-2020-3850
- CVE-2020-3847
- CVE-2020-3835
- CVE-2020-3863
- CVE-2020-9774
- CVE-2020-3827
- CVE-2020-3826
- CVE-2020-3870
- CVE-2020-3878
- CVE-2020-3880
- CVE-2020-3845
- CVE-2020-3837
- CVE-2020-3851
- CVE-2020-3840
- CVE-2020-3875
- CVE-2020-3872
- CVE-2020-3853
- CVE-2020-3836
- CVE-2020-3842
- CVE-2020-3871
- CVE-2020-3846
- CVE-2020-3856
- CVE-2020-3829
- CVE-2020-3830
- CVE-2020-3854
- CVE-2019-18634
- CVE-2020-3855
- CVE-2020-3839
- CVE-2020-3843
- CVE-2020-3838
- CVE-2020-9772
- CVE-2020-3903
- CVE-2020-3904
- CVE-2020-3883
- CVE-2020-6616
- CVE-2020-9853
- CVE-2020-3907
- CVE-2020-3908
- CVE-2020-3912
- CVE-2020-9779
- CVE-2020-3892
- CVE-2020-3893
- CVE-2020-3905
- CVE-2019-8853
- CVE-2020-9776
- CVE-2020-9828
- CVE-2020-3913
- CVE-2020-9829
- CVE-2020-3898
- CVE-2020-3881
- CVE-2020-3886
- CVE-2019-14615
- CVE-2020-3919
- CVE-2020-3896
- CVE-2020-3914
- CVE-2020-9785
- CVE-2020-3909
- CVE-2020-3911
- CVE-2020-3910
- CVE-2020-3884
- CVE-2020-3915
- CVE-2020-9775
- CVE-2020-9771
- CVE-2020-3918
- CVE-2019-19232
- CVE-2020-9786
- CVE-2020-3906
- CVE-2020-3889
- CVE-2020-9769
- CVE-2020-9787
- CVE-2020-3902
Frequently Asked Questions
What is CVE-2020-3851?
CVE-2020-3851 is a vulnerability related to IOThunderboltFamily in macOS Catalina, Mojave, and High Sierra.
What is the severity of CVE-2020-3851?
The severity of CVE-2020-3851 is not mentioned in the provided information.
How does CVE-2020-3851 affect macOS Catalina?
CVE-2020-3851 affects macOS Catalina versions 10.15.4 and 10.15.3.
How does CVE-2020-3851 affect Apple Mojave?
CVE-2020-3851 affects Apple Mojave, but specific versions are not mentioned.
How does CVE-2020-3851 affect Apple High Sierra?
CVE-2020-3851 affects Apple High Sierra, but specific versions are not mentioned.
How can I fix the vulnerability CVE-2020-3851?
To fix the vulnerability CVE-2020-3851, it is recommended to update macOS Catalina to version 10.15.4 or 10.15.3 when available.
- agent/author
- agent/description
- agent/event
- agent/first-publish-date
- agent/last-modified-date
- agent/references
- agent/severity
- agent/softwarecombine
- agent/tags
- agent/type
- agent/weakness
- collector/apple-support
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/apple
- canonical/apple macos catalina
- canonical/apple mojave
- canonical/apple high sierra
- canonical/apple mac os x
- version/apple mac os x/10.15.2
- version/apple mac os x/10.13.6