CVE-2019-6209
iOS/macOS 10.13.6 - 'if_ports_used_update_wakeuuid()' 16-byte Uninitialized Kernel Stack Disclosure
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
-Decision
Descriptions
An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2, watchOS 5.1.3. A malicious application may be able to determine kernel memory layout.
Existió un problema de lectura fuera de límites que conducía a la divulgación de la memoria del kernel. Esto se abordó con la mejora de la validación de entradas. Este problema se ha resuelto en iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2 y watchOS 5.1.3. Una aplicación maliciosa podría ser capaz de determinar la distribución de la memoria del kernel.
iOS and macOS suffer from an if_ports_used_update_wakeuuid() 16-byte uninitialized kernel stack disclosure vulnerability.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2019-01-11 CVE Reserved
- 2019-01-23 CVE Published
- 2024-06-13 EPSS Updated
- 2024-08-04 CVE Updated
- 2024-08-04 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-125: Out-of-bounds Read
CAPEC
References (6)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/106739 | Third Party Advisory |
| URL | Date | SRC |
|---|---|---|
| https://www.exploit-db.com/exploits/46285 | 2024-08-04 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://support.apple.com/HT209443 | 2019-03-06 | |
| https://support.apple.com/HT209446 | 2019-03-06 | |
| https://support.apple.com/HT209447 | 2019-03-06 | |
| https://support.apple.com/HT209448 | 2019-03-06 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Apple Search vendor "Apple" | Iphone Os Search vendor "Apple" for product "Iphone Os" | < 12.1.3 Search vendor "Apple" for product "Iphone Os" and version " < 12.1.3" | - |
Affected
| ||||||
| Apple Search vendor "Apple" | Mac Os X Search vendor "Apple" for product "Mac Os X" | < 10.14.3 Search vendor "Apple" for product "Mac Os X" and version " < 10.14.3" | - |
Affected
| ||||||
| Apple Search vendor "Apple" | Tv Os Search vendor "Apple" for product "Tv Os" | < 12.1.2 Search vendor "Apple" for product "Tv Os" and version " < 12.1.2" | - |
Affected
| ||||||
| Apple Search vendor "Apple" | Watchos Search vendor "Apple" for product "Watchos" | < 5.1.3 Search vendor "Apple" for product "Watchos" and version " < 5.1.3" | - |
Affected
| ||||||