CVE-2021-30949 – XNU Kernel mach_msg Use-After-Free
https://notcve.org/view.php?id=CVE-2021-30949
A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.6.2, tvOS 15.2, macOS Monterey 12.1, Security Update 2021-008 Catalina, iOS 15.2 and iPadOS 15.2, watchOS 8.3. A malicious application may be able to execute arbitrary code with kernel privileges. Se abordó un problema de corrupción de memoria con una administración de estado mejorada. Este problema es corregido en macOS Big Sur versión 11.6.2, tvOS versión 15.2, macOS Monterey versión 12.1, Security Update 2021-008 Catalina, iOS versión 15.2 e iPadOS versión 15.2, watchOS versión 8.3. • http://packetstormsecurity.com/files/165670/XNU-Kernel-mach_msg-Use-After-Free.html https://support.apple.com/en-us/HT212975 https://support.apple.com/en-us/HT212976 https://support.apple.com/en-us/HT212978 https://support.apple.com/en-us/HT212979 https://support.apple.com/en-us/HT212980 https://support.apple.com/en-us/HT212981 • CWE-787: Out-of-bounds Write •
CVE-2021-30948
https://notcve.org/view.php?id=CVE-2021-30948
An inconsistent user interface issue was addressed with improved state management. This issue is fixed in iOS 15.2 and iPadOS 15.2. A person with physical access to an iOS device may be able to access stored passwords without authentication. Se abordó un problema de interfaz de usuario incoherente con una administración de estado mejorada. Este problema es corregido en iOS versión 15.2 e iPadOS versión 15.2. • https://support.apple.com/en-us/HT212976 • CWE-522: Insufficiently Protected Credentials •
CVE-2021-30946
https://notcve.org/view.php?id=CVE-2021-30946
A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.1, watchOS 8.3, iOS 15.2 and iPadOS 15.2, macOS Big Sur 11.6.2. A malicious application may be able to bypass certain Privacy preferences. Se abordó un problema de lógica con restricciones mejoradas. Este problema es corregido en macOS Monterey versión 12.1, watchOS versión 8.3, iOS versión 15.2 e iPadOS versión 15.2, macOS Big Sur versión 11.6.2. • https://support.apple.com/en-us/HT212975 https://support.apple.com/en-us/HT212976 https://support.apple.com/en-us/HT212978 https://support.apple.com/en-us/HT212979 https://support.apple.com/kb/HT213056 •
CVE-2021-30947
https://notcve.org/view.php?id=CVE-2021-30947
An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Big Sur 11.6.2, tvOS 15.2, macOS Monterey 12.1, iOS 15.2 and iPadOS 15.2, watchOS 8.3. An application may be able to access a user's files. Se abordó un problema de acceso con restricciones adicionales del sandbox. Este problema es corregido en macOS Big Sur versión 11.6.2, tvOS versión 15.2, macOS Monterey versión 12.1, iOS versión 15.2 e iPadOS versión 15.2, watchOS versión 8.3. • https://support.apple.com/en-us/HT212975 https://support.apple.com/en-us/HT212976 https://support.apple.com/en-us/HT212978 https://support.apple.com/en-us/HT212979 https://support.apple.com/en-us/HT212980 •
CVE-2021-30945
https://notcve.org/view.php?id=CVE-2021-30945
This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.6.2, tvOS 15.2, macOS Monterey 12.1, Security Update 2021-008 Catalina, iOS 15.2 and iPadOS 15.2, watchOS 8.3. A local attacker may be able to elevate their privileges. Este problema es corregido con comprobaciones mejoradas. Este problema es corregido en macOS Big Sur versión 11.6.2, tvOS versión 15.2, macOS Monterey versión 12.1, Security Update 2021-008 Catalina, iOS versión 15.2 e iPadOS versión 15.2, watchOS versión 8.3. • https://support.apple.com/en-us/HT212975 https://support.apple.com/en-us/HT212976 https://support.apple.com/en-us/HT212978 https://support.apple.com/en-us/HT212979 https://support.apple.com/en-us/HT212980 https://support.apple.com/en-us/HT212981 •