macOS and iOS suffer from a race condition in XNU's mk_timer_create_trap() that can lead to type confusion.
d1bfcbb0f7141fd12ac902ba274b00d9b3331a6891c61615250c4fbba3b53358
Apple Security Advisory 2020-1-28-1 - iOS 13.3.1 and iPadOS 13.3.1 are now available and address code execution vulnerabilities.
451f9f0db4b53867f6b4613f74a664aaee0fadcb5afed494d424333c909099b5
Apple Security Advisory 2020-1-28-2 - macOS Catalina 10.15.3, Security Update 2020-001 Mojave, and Security Update 2020-001 High Sierra are now available and address buffer overflow, bypass, and code execution vulnerabilities.
6dc59a831c4eeb00f22a91e88c410f4413de1117cf660dac3d76799ab2d9c97d
Apple Security Advisory 2020-1-28-4 - tvOS 13.3.1 is now available and addresses code execution vulnerabilities.
8811822470152c7c5c5739e0be582b4d494845ed881e590aa7e2da5e6d1452fb
Apple Security Advisory 2020-1-28-3 - watchOS 6.1.2 is now available and addresses code execution vulnerabilities.
dbe2c3cb8a3c6e9e7d49c188d63249672b132824e400c3434a381fea33e430a0