Headline
CVE-2021-30922: About the security content of macOS Big Sur 11.6.1
Multiple out-of-bounds write issues were addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.6.1. A malicious application may be able to execute arbitrary code with kernel privileges.
Released October 25, 2021
AppleScript
Available for: macOS Big Sur
Impact: Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process memory
Description: An out-of-bounds read was addressed with improved bounds checking.
CVE-2021-30876: Jeremy Brown, hjy79425575
CVE-2021-30879: Jeremy Brown, hjy79425575
CVE-2021-30877: Jeremy Brown
CVE-2021-30880: Jeremy Brown
Audio
Available for: macOS Big Sur
Impact: A malicious application may be able to elevate privileges
Description: An integer overflow was addressed through improved input validation.
CVE-2021-30907: Zweig of Kunlun Lab
Bluetooth
Available for: macOS Big Sur
Impact: A malicious application may be able to execute arbitrary code with kernel privileges
Description: A race condition was addressed with improved state handling.
CVE-2021-30899: Weiteng Chen, Zheng Zhang, and Zhiyun Qian of UC Riverside, and Yu Wang of Didi Research America
ColorSync
Available for: macOS Big Sur
Impact: Processing a maliciously crafted image may lead to arbitrary code execution
Description: A memory corruption issue in the processing of ICC profiles was addressed with improved input validation.
CVE-2021-30926: Jeremy Brown
Entry added May 25, 2022
ColorSync
Available for: macOS Big Sur
Impact: Processing a maliciously crafted image may lead to arbitrary code execution
Description: A memory corruption issue existed in the processing of ICC profiles. This issue was addressed with improved input validation.
CVE-2021-30917: Alexandru-Vlad Niculae and Mateusz Jurczyk of Google Project Zero
Continuity Camera
Available for: macOS Big Sur
Impact: A local attacker may be able to cause unexpected application termination or arbitrary code execution
Description: An uncontrolled format string issue was addressed with improved input validation.
CVE-2021-30903: Gongyu Ma of Hangzhou Dianzi University
Entry added January 19, 2022, updated May 25, 2022
CoreAudio
Available for: macOS Big Sur
Impact: Processing a maliciously crafted file may disclose user information
Description: An out-of-bounds read was addressed with improved bounds checking.
CVE-2021-30905: Mickey Jin (@patch1t) of Trend Micro
Entry added January 19, 2022
CoreGraphics
Available for: macOS Big Sur
Impact: Processing a maliciously crafted PDF may lead to arbitrary code execution
Description: An out-of-bounds write was addressed with improved input validation.
CVE-2021-30919
FileProvider
Available for: macOS Big Sur
Impact: Unpacking a maliciously crafted archive may lead to arbitrary code execution
Description: An input validation issue was addressed with improved memory handling.
CVE-2021-30881: Simon Huang (@HuangShaomang) and pjf of IceSword Lab of Qihoo 360
GPU Drivers
Available for: macOS Big Sur
Impact: A malicious application may be able to execute arbitrary code with kernel privileges
Description: An out-of-bounds write issue was addressed with improved bounds checking.
CVE-2021-30900: Yinyi Wu (@3ndy1) of Ant Security Light-Year Lab
Entry added January 19, 2022
iCloud
Available for: macOS Big Sur
Impact: A local attacker may be able to elevate their privileges
Description: This issue was addressed with improved checks.
CVE-2021-30906: Cees Elzinga
Intel Graphics Driver
Available for: macOS Big Sur
Impact: A malicious application may be able to execute arbitrary code with kernel privileges
Description: A memory corruption issue was addressed with improved state management.
CVE-2021-30824: Antonio Zekic (@antoniozekic) of Diverto
Intel Graphics Driver
Available for: macOS Big Sur
Impact: A malicious application may be able to execute arbitrary code with kernel privileges
Description: Multiple out-of-bounds write issues were addressed with improved bounds checking.
CVE-2021-30901: Zuozhi Fan (@pattern_F_) of Ant Security TianQiong Lab, Jack Dates of RET2 Systems, Inc., Liu Long of Ant Security Light-Year Lab, Yinyi Wu (@3ndy1) of Ant Security Light-Year Lab
CVE-2021-30922: Jack Dates of RET2 Systems, Inc., Yinyi Wu (@3ndy1)
Entry updated January 19, 2022, updated May 25, 2022
IOGraphics
Available for: macOS Big Sur
Impact: A malicious application may be able to execute arbitrary code with kernel privileges
Description: A memory corruption issue was addressed with improved memory handling.
CVE-2021-30821: Tim Michaud (@TimGMichaud) of Zoom Video Communications
IOMobileFrameBuffer
Available for: macOS Big Sur
Impact: An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited.
Description: A memory corruption issue was addressed with improved memory handling.
CVE-2021-30883: an anonymous researcher
Kernel
Available for: macOS Big Sur
Impact: An application may be able to execute arbitrary code with kernel privileges
Description: A memory corruption issue was addressed with improved memory handling.
CVE-2021-30909: Zweig of Kunlun Lab
Kernel
Available for: macOS Big Sur
Impact: A malicious application may be able to execute arbitrary code with kernel privileges
Description: A memory corruption issue was addressed with improved memory handling.
CVE-2021-30916: Zweig of Kunlun Lab
Model I/O
Available for: macOS Big Sur
Impact: Processing a maliciously crafted file may disclose user information
Description: An out-of-bounds read was addressed with improved bounds checking.
CVE-2021-30910: Mickey Jin (@patch1t) of Trend Micro
Model I/O
Available for: macOS Big Sur
Impact: Processing a maliciously crafted USD file may disclose memory contents
Description: An out-of-bounds read was addressed with improved bounds checking.
CVE-2021-30911: Rui Yang and Xingwei Lin of Ant Security Light-Year Lab
SMB
Available for: macOS Big Sur
Impact: A remote attacker may be able to leak memory
Description: A logic issue was addressed with improved state management.
CVE-2021-30844: Peter Nguyen Vu Hoang of STAR Labs
Entry added May 25, 2022
SMB
Available for: macOS Big Sur
Impact: A malicious application may be able to execute arbitrary code with kernel privileges
Description: A race condition was addressed with improved locking.
CVE-2021-30868: Peter Nguyen Vu Hoang of STAR Labs
SoftwareUpdate
Available for: macOS Big Sur
Impact: An unprivileged application may be able to edit NVRAM variables
Description: A logic issue was addressed with improved restrictions.
CVE-2021-30913: Kirin (@Pwnrin) and chenyuwang (@mzzzz__) of Tencent Security Xuanwu Lab
Entry updated May 25, 2022
SoftwareUpdate
Available for: macOS Big Sur
Impact: A malicious application may gain access to a user’s Keychain items
Description: The issue was addressed with improved permissions logic.
CVE-2021-30912: Kirin (@Pwnrin) and chenyuwang (@mzzzz__) of Tencent Security Xuanwu Lab
UIKit
Available for: macOS Big Sur
Impact: A person with physical access to a device may be able to determine characteristics of a user’s password in a secure text entry field
Description: A logic issue was addressed with improved state management.
CVE-2021-30915: Kostas Angelopoulos
Windows Server
Available for: macOS Big Sur
Impact: A local attacker may be able to view the previous logged-in user’s desktop from the fast user switching screen
Description: An authentication issue was addressed with improved state management.
CVE-2021-30908: ASentientBot
xar
Available for: macOS Big Sur
Impact: Unpacking a maliciously crafted archive may allow an attacker to write arbitrary files
Description: This issue was addressed with improved checks.
CVE-2021-30833: Richard Warren of NCC Group
Entry added January 19, 2022
zsh
Available for: macOS Big Sur
Impact: A malicious application may be able to modify protected parts of the file system
Description: An inherited permissions issue was addressed with additional restrictions.
CVE-2021-30892: Jonathan Bar Or of Microsoft
Related news
Microsoft has shared details of a now-patched flaw in Apple macOS that could be abused by threat actors with root access to bypass security enforcements and perform arbitrary actions on affected devices. Specifically, the flaw – dubbed Migraine and tracked as CVE-2023-32369 – could be abused to get around a key security measure called System Integrity Protection (SIP), or “rootless,” which
Google TAG researchers reveal two campaigns against iOS, Android, and Chrome users that demonstrate how the commercial surveillance market is thriving despite government-imposed limits.
A number of zero-day vulnerabilities that were addressed last year were exploited by commercial spyware vendors to target Android and iOS devices, Google's Threat Analysis Group (TAG) has revealed. The two distinct campaigns were both limited and highly targeted, taking advantage of the patch gap between the release of a fix and when it was actually deployed on the targeted devices. "These
SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with Orion admin-level account access to SolarWinds Web Console to execute arbitrary commands.
SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with Orion admin-level account access to SolarWinds Web Console to execute arbitrary commands.
A new commercial spyware for governments, called Hermit, has spotted in the wild. It affects iOS and all Android versions. The post Hermit spyware is deployed with the help of a victim’s ISP appeared first on Malwarebytes Labs.
By Deeba Ahmed According to Google, Italian spyware provider RCS Labs received support from several Internet Service Providers (ISPs) to distribute… This is a post from HackRead.com Read the original post: ISPs Helping Attackers Install Hermit Spyware on Smartphones- Google
A week after it emerged that sophisticated mobile spyware dubbed Hermit was used by the government of Kazakhstan within its borders, Google said it has notified Android users of infected devices. Additionally, necessary changes have been implemented in Google Play Protect — Android's built-in malware defense service — to protect all users, Benoit Sevens and Clement Lecigne of Google Threat
The company is warning victims in Italy and Kazakhstan that they have been targeted by the malware from Italian firm RCS Labs.
A logic issue was addressed with improved state management. This issue is fixed in Security Update 2021-005 Catalina, macOS Big Sur 11.6. A remote attacker may be able to leak memory.
A lock screen issue allowed access to contacts on a locked device. This issue was addressed with improved state management. This issue is fixed in iOS 15.2 and iPadOS 15.2. An attacker with physical access to a device may be able to see private contact information.
This issue was addressed with improved checks. This issue is fixed in iOS 14.8.1 and iPadOS 14.8.1, iOS 15.1 and iPadOS 15.1, macOS Monterey 12.0.1. A local attacker may be able to cause unexpected application termination or arbitrary code execution.
This issue was addressed with improved checks. This issue is fixed in iOS 15.1 and iPadOS 15.1, macOS Monterey 12.0.1, tvOS 15.1, watchOS 8.1, macOS Big Sur 11.6.1. A local attacker may be able to elevate their privileges.
The issue was addressed with improved permissions logic. This issue is fixed in macOS Monterey 12.0.1, macOS Big Sur 11.6.1. An unprivileged application may be able to edit NVRAM variables.
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.1, watchOS 8.3, iOS 15.2 and iPadOS 15.2, tvOS 15.2. Processing a maliciously crafted audio file may lead to arbitrary code execution.
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.1, watchOS 8.3, iOS 15.2 and iPadOS 15.2, tvOS 15.2. Processing a maliciously crafted audio file may lead to arbitrary code execution.
A buffer overflow was addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.1, Security Update 2021-008 Catalina, macOS Big Sur 11.6.2. A malicious application may be able to execute arbitrary code with kernel privileges.