CVE-2019-6213

CVE Database · CVE-2019-6213

CVE-2019-6213

· N/AModified

CVSS v3.1

N/A

EPSS

5.42%

Published

Mar 5, 2019

Modified

Nov 21, 2024

Public PoC / Exploit (2)

All weaponized →

Exploit-DBmacOS < 10.14.3 / iOS < 12.1.3 - Kernel Heap Overflow in PF_KEY due to Lack of Bounds Checking when Retrieving Statistics TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2, watchOS 5.1.3. An application may be able to execute arbitrary code with kernel privileges.

Weaknesses (CWE)

CWE-119

Affected Products (4)

apple · iphone_os (up to 12.1.3)vulnerable

apple · mac_os_x (up to 10.14.3)vulnerable

apple · tv_os (up to 12.1.2)vulnerable

apple · watchos (up to 5.1.3)vulnerable

References (12)

http://www.securityfocus.com/bid/106739

Third Party Advisory

https://support.apple.com/HT209443

Vendor Advisory

https://support.apple.com/HT209446

Vendor Advisory

https://support.apple.com/HT209447

Vendor Advisory

https://support.apple.com/HT209448

Vendor Advisory

https://www.exploit-db.com/exploits/46300/

ExploitThird Party Advisory

http://www.securityfocus.com/bid/106739

Third Party Advisory

KEV Catalog EPSS Scores Vendors All CVEs