CVE-2020-9990 – Apple macOS process_token_SetFence Time-Of-Check Time-Of-Use Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2020-9990
A race condition was addressed with additional validation. This issue is fixed in macOS Catalina 10.15.6. A malicious application may be able to execute arbitrary code with kernel privileges. Se abordó una condición de carrera con una comprobación adicional. Este problema se corrigió en macOS Catalina versión 10.15.6. • https://support.apple.com/kb/HT211289 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVE-2020-9921 – Apple macOS process_token_BlitFramebuffer Time-Of-Check Time-Of-Use Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2020-9921
A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15.6. A malicious application may be able to execute arbitrary code with system privileges. Se abordó un problema de corrupción de la memoria con un manejo de la memoria mejorada. Este problema se corrigió en macOS Catalina versión 10.15.6. • https://support.apple.com/kb/HT211289 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition CWE-787: Out-of-bounds Write •
CVE-2020-9927 – Apple macOS AMDSupport Out-Of-Bounds Write Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2020-9927
A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.6. An application may be able to execute arbitrary code with kernel privileges. Se abordó un problema de corrupción de la memoria con una comprobación de entrada mejorada. Este problema se corrigió en macOS Catalina versión 10.15.6. • https://support.apple.com/kb/HT211289 • CWE-787: Out-of-bounds Write •
CVE-2020-9908 – Apple macOS Intel Graphics Driver Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2020-9908
An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.6. A local user may be able to cause unexpected system termination or read kernel memory. Se abordó una lectura fuera de límites con una comprobación de entrada mejorada. Este problema se corrigió en macOS Catalina versión 10.15.6. • https://support.apple.com/kb/HT211289 • CWE-125: Out-of-bounds Read •
CVE-2020-9939 – Apple macOS kextload Time-Of-Check Time-Of-Use Memory Corruption Vulnerability
https://notcve.org/view.php?id=CVE-2020-9939
This issue was addressed with improved checks. This issue is fixed in macOS Catalina 10.15.6. A local user may be able to load unsigned kernel extensions. Este problema fue abordado con comprobaciones mejoradas. Este problema se corrigió en macOS Catalina versión 10.15.6. • https://support.apple.com/kb/HT211289 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •