CVE-2021-30955
https://notcve.org/view.php?id=CVE-2021-30955
A race condition was addressed with improved state handling. This issue is fixed in macOS Monterey 12.1, watchOS 8.3, iOS 15.2 and iPadOS 15.2, tvOS 15.2. A malicious application may be able to execute arbitrary code with kernel privileges. Se abordó una condición de carrera con un manejo de estado mejorado. Este problema es corregido en macOS Monterey versión 12.1, watchOS versión 8.3, iOS versión 15.2 e iPadOS versión 15.2, tvOS versión 15.2. • https://github.com/verygenericname/CVE-2021-30955-POC-IPA https://github.com/timb-machine-mirrors/jakeajames-CVE-2021-30955 https://github.com/nickorlow/CVE-2021-30955-POC https://support.apple.com/en-us/HT212975 https://support.apple.com/en-us/HT212976 https://support.apple.com/en-us/HT212978 https://support.apple.com/en-us/HT212980 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVE-2021-30954 – webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution
https://notcve.org/view.php?id=CVE-2021-30954
A type confusion issue was addressed with improved memory handling. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution. Se abordó un problema de confusión de tipo con una administración de la memoria mejorada. Este problema es corregido en tvOS versión 15.2, macOS Monterey versión 12.1, Safari versión 15.2, iOS versión 15.2 e iPadOS versión 15.2, watchOS versión 8.3. • http://www.openwall.com/lists/oss-security/2022/01/21/2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7EQVZ3CEMTINLBZ7PBC7WRXVEVCRHNSM https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HQKWD4BXRDD2YGR5AVU7H5J5PIQIEU6V https://support.apple.com/en-us/HT212975 https://support.apple.com/en-us/HT212976 https://support.apple.com/en-us/HT212978 https://support.apple.com/en-us/HT212980 https://support.apple.com/en-us • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVE-2021-30953 – webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution
https://notcve.org/view.php?id=CVE-2021-30953
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution. Se abordó una lectura fuera de límites con una comprobación de límites mejorada. Este problema es corregido en tvOS versión 15.2, macOS Monterey versión 12.1, Safari versión 15.2, iOS versión 15.2 e iPadOS versión 15.2, watchOS versión 8.3. • http://www.openwall.com/lists/oss-security/2022/01/21/2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7EQVZ3CEMTINLBZ7PBC7WRXVEVCRHNSM https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HQKWD4BXRDD2YGR5AVU7H5J5PIQIEU6V https://support.apple.com/en-us/HT212975 https://support.apple.com/en-us/HT212976 https://support.apple.com/en-us/HT212978 https://support.apple.com/en-us/HT212980 https://support.apple.com/en-us • CWE-125: Out-of-bounds Read •
CVE-2021-30952 – webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution
https://notcve.org/view.php?id=CVE-2021-30952
An integer overflow was addressed with improved input validation. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution. Se abordó un desbordamiento de enteros con una comprobación de entrada mejorada. Este problema es corregido en tvOS versión 15.2, macOS Monterey versión 12.1, Safari versión 15.2, iOS versión 15.2 e iPadOS versión 15.2, watchOS versión 8.3. • http://www.openwall.com/lists/oss-security/2022/01/21/2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7EQVZ3CEMTINLBZ7PBC7WRXVEVCRHNSM https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HQKWD4BXRDD2YGR5AVU7H5J5PIQIEU6V https://support.apple.com/en-us/HT212975 https://support.apple.com/en-us/HT212976 https://support.apple.com/en-us/HT212978 https://support.apple.com/en-us/HT212980 https://support.apple.com/en-us • CWE-190: Integer Overflow or Wraparound •
CVE-2021-30951 – webkitgtk: Processing maliciously crafted web content may lead to arbitrary code execution
https://notcve.org/view.php?id=CVE-2021-30951
A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution. Se abordó un problema de uso de memoria previamente liberada con una administración de la memoria mejorada. Este problema es corregido en tvOS versión 15.2, macOS Monterey versión 12.1, Safari versión 15.2, iOS versión 15.2 e iPadOS versión 15.2, watchOS versión 8.3. • http://www.openwall.com/lists/oss-security/2022/01/21/2 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7EQVZ3CEMTINLBZ7PBC7WRXVEVCRHNSM https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HQKWD4BXRDD2YGR5AVU7H5J5PIQIEU6V https://support.apple.com/en-us/HT212975 https://support.apple.com/en-us/HT212976 https://support.apple.com/en-us/HT212978 https://support.apple.com/en-us/HT212980 https://support.apple.com/en-us • CWE-416: Use After Free •