CVE-2021-30905 – Apple macOS AudioCodecs LOAS File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2021-30905
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 15.1 and iPadOS 15.1, macOS Monterey 12.0.1, tvOS 15.1, watchOS 8.1, Security Update 2021-007 Catalina. Processing a maliciously crafted file may disclose user information. Se abordó una lectura fuera de límites con una comprobación de límites mejorada. Este problema se corrigió en iOS versión 15.1 y iPadOS versión 15.1, macOS Monterey versión 12.0.1, tvOS versión 15.1, watchOS versión 8.1, Security Update 2021-007 Catalina. • https://support.apple.com/en-us/HT212867 https://support.apple.com/en-us/HT212869 https://support.apple.com/en-us/HT212871 https://support.apple.com/en-us/HT212874 https://support.apple.com/en-us/HT212876 https://support.apple.com/kb/HT212807 https://support.apple.com/kb/HT212872 https://www.zerodayinitiative.com/advisories/ZDI-21-1368 • CWE-125: Out-of-bounds Read •
CVE-2021-30903
https://notcve.org/view.php?id=CVE-2021-30903
This issue was addressed with improved checks. This issue is fixed in iOS 14.8.1 and iPadOS 14.8.1, iOS 15.1 and iPadOS 15.1, macOS Monterey 12.0.1. A local attacker may be able to cause unexpected application termination or arbitrary code execution. Este problema se abordó con comprobaciones mejoradas. Este problema se corrigió en iOS versión 14.8.1 y iPadOS versión 14.8.1, iOS versión 15.1 y iPadOS versión 15.1, macOS Monterey versión 12.0.1. • https://support.apple.com/en-us/HT212867 https://support.apple.com/en-us/HT212868 https://support.apple.com/en-us/HT212869 https://support.apple.com/kb/HT212871 https://support.apple.com/kb/HT212872 https://support.apple.com/kb/HT212874 https://support.apple.com/kb/HT212876 •
CVE-2021-30902
https://notcve.org/view.php?id=CVE-2021-30902
A use after free issue was addressed with improved memory management. This issue is fixed in iOS 14.8.1 and iPadOS 14.8.1, iOS 15.1 and iPadOS 15.1. A local attacker may be able to cause unexpected application termination or arbitrary code execution. Se abordó un problema de uso de memoria previamente liberada con una administración de memoria mejorada. Este problema se corrigió en iOS versión 14.8.1 y iPadOS versión 14.8.1, iOS versión 15.1 y iPadOS versión 15.1. • https://support.apple.com/en-us/HT212867 https://support.apple.com/en-us/HT212868 • CWE-416: Use After Free •
CVE-2021-30900 – Apple iOS, iPadOS, and macOS Out-of-Bounds Write Vulnerability
https://notcve.org/view.php?id=CVE-2021-30900
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 14.8.1 and iPadOS 14.8.1, iOS 15.1 and iPadOS 15.1. A malicious application may be able to execute arbitrary code with kernel privileges. Se abordó un problema de escritura fuera de límites con una comprobación de límites mejorada. Este problema se corrigió en iOS versión 14.8.1 y iPadOS versión 14.8.1, iOS versión 15.1 y iPadOS versión 15.1. • https://support.apple.com/en-us/HT212867 https://support.apple.com/en-us/HT212868 https://support.apple.com/kb/HT212872 • CWE-787: Out-of-bounds Write •
CVE-2021-30898
https://notcve.org/view.php?id=CVE-2021-30898
An access issue was addressed with additional sandbox restrictions on third party applications. This issue is fixed in iOS 15 and iPadOS 15. A malicious application may be able to access some of the user's Apple ID information, or recent in-app search terms. Se ha solucionado un problema de acceso con restricciones adicionales de sandbox en aplicaciones de terceros. Este problema se ha solucionado en iOS 15 y iPadOS 15. • https://support.apple.com/en-us/HT212814 •