Apple iOS/iPadOS Kernel use after free

entryeditHistoryDiffjsonxmlCTI

A vulnerability classified as critical has been found in Apple iOS and iPadOS (Smartphone Operating System) (the affected version unknown). This affects some unknown functionality of the component Kernel. Upgrading eliminates this vulnerability. A possible mitigation has been published immediately after the disclosure of the vulnerability.

Field04/03/2021 11:20 AM04/08/2021 05:18 PM
vendorAppleApple
nameiOS/iPadOSiOS/iPadOS
componentKernelKernel
cwe416 (memory corruption)416 (memory corruption)
cvss3_vuldb_avLL
cvss3_vuldb_acLL
cvss3_vuldb_prLL
cvss3_vuldb_uiNN
cvss3_vuldb_sUU
cvss3_vuldb_cHH
cvss3_vuldb_iHH
cvss3_vuldb_aHH
cvss3_vuldb_eXX
cvss3_vuldb_rlOO
cvss3_vuldb_rcCC
cvss2_vuldb_avLL
cvss2_vuldb_acLL
cvss2_vuldb_auSS
cvss2_vuldb_ciCC
cvss2_vuldb_iiCC
cvss2_vuldb_aiCC
cvss2_vuldb_eNDND
cvss2_vuldb_rlOFOF
cvss2_vuldb_rcCC
date1607900400 (12/14/2020)1607900400 (12/14/2020)
locationWebsiteWebsite
typeAdvisoryAdvisory
person_nameTielei WangTielei Wang
disputed00
nameUpgradeUpgrade
date1607900400 (12/14/2020)1607900400 (12/14/2020)
cveCVE-2020-9975CVE-2020-9975
cve_assigned15831036001583103600
cve_nvd_summaryA use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.0.1, tvOS 14.0, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, watchOS 7.0, iOS 14.0 and iPadOS 14.0. An application may be able to execute arbitrary code with kernel privileges.
typeSmartphone Operating System
cvss2_vuldb_basescore6.8
cvss2_vuldb_tempscore5.9
cvss3_vuldb_basescore7.8
cvss3_vuldb_tempscore7.5
cvss3_meta_basescore7.8
cvss3_meta_tempscore7.5
price_0day$25k-$100k
price_trend+

Do you want to use VulDB in your project?

Use the official API to access entries easily!