CVE-2021-30865
https://notcve.org/view.php?id=CVE-2021-30865
An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.6, Security Update 2021-005 Catalina. A malicious application may be able to execute arbitrary code with kernel privileges. Se abordó una lectura fuera de límites con una comprobación de entradas mejorada. Este problema se corrigió en macOS Big Sur versión 11.6, Security Update 2021-005 Catalina. • https://support.apple.com/en-us/HT212804 https://support.apple.com/en-us/HT212805 • CWE-125: Out-of-bounds Read •
CVE-2021-30859
https://notcve.org/view.php?id=CVE-2021-30859
A type confusion issue was addressed with improved state handling. This issue is fixed in iOS 14.8 and iPadOS 14.8, macOS Big Sur 11.6, Security Update 2021-005 Catalina. A malicious application may be able to execute arbitrary code with kernel privileges. Se abordó un problema de confusión de tipos con una administración de estado mejorada. Este problema se corrigió en iOS versión 14.8 y iPadOS versión 14.8, macOS Big Sur versión 11.6, Security Update 2021-005 Catalina. • https://support.apple.com/en-us/HT212804 https://support.apple.com/en-us/HT212805 https://support.apple.com/en-us/HT212807 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVE-2021-30857
https://notcve.org/view.php?id=CVE-2021-30857
A race condition was addressed with improved locking. This issue is fixed in Security Update 2021-005 Catalina, iOS 14.8 and iPadOS 14.8, tvOS 15, iOS 15 and iPadOS 15, watchOS 8, macOS Big Sur 11.6. A malicious application may be able to execute arbitrary code with kernel privileges. Se abordó una condición de carrera con un bloqueo mejorado. Este problema se corrigió en Security Update 2021-005 Catalina, iOS versión 14.8 y iPadOS versión 14.8, tvOS versión 15, iOS versión 15 y iPadOS versión 15, watchOS versión 8, macOS Big Sur versión 11.6. • https://support.apple.com/en-us/HT212804 https://support.apple.com/en-us/HT212805 https://support.apple.com/en-us/HT212807 https://support.apple.com/en-us/HT212814 https://support.apple.com/en-us/HT212815 https://support.apple.com/en-us/HT212819 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVE-2021-30855
https://notcve.org/view.php?id=CVE-2021-30855
A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks. This issue is fixed in Security Update 2021-005 Catalina, iOS 14.8 and iPadOS 14.8, iOS 15 and iPadOS 15, watchOS 8, macOS Big Sur 11.6. An application may be able to access restricted files. Se presentó un problema de comprobación en el manejo de los enlaces simbólicos. • https://support.apple.com/en-us/HT212804 https://support.apple.com/en-us/HT212805 https://support.apple.com/en-us/HT212807 https://support.apple.com/en-us/HT212814 https://support.apple.com/en-us/HT212819 https://support.apple.com/kb/HT212815 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVE-2021-30792 – Apple macOS ModelIO ABC File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-30792
An out-of-bounds write was addressed with improved input validation. This issue is fixed in iOS 14.7, macOS Big Sur 11.5. Processing a maliciously crafted image may lead to arbitrary code execution. Se abordó una escritura fuera de límites con una comprobación de entrada mejorada. Este problema se corrigió en iOS versión 14.7, macOS Big Sur versión 11.5. • https://support.apple.com/en-us/HT212601 https://support.apple.com/en-us/HT212602 https://support.apple.com/kb/HT212600 https://support.apple.com/kb/HT212603 • CWE-787: Out-of-bounds Write •