CVE-2021-30743 – Apple macOS ImageIO PICT File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-30743
An out-of-bounds write was addressed with improved input validation. This issue is fixed in iOS 14.5 and iPadOS 14.5, watchOS 7.4, Security Update 2021-003 Catalina, tvOS 14.5, macOS Big Sur 11.3. Processing a maliciously crafted image may lead to arbitrary code execution. Se abordó una escritura fuera de límites con una comprobación de entrada mejorada. Este problema se corrigió en iOS versión 14.5 e iPadOS versión 14.5, watchOS versión 7.4, Security Update 2021-003 Catalina, tvOS versión 14.5, macOS Big Sur versión 11.3. • https://support.apple.com/en-us/HT212317 https://support.apple.com/en-us/HT212323 https://support.apple.com/en-us/HT212324 https://support.apple.com/en-us/HT212325 https://support.apple.com/en-us/HT212530 • CWE-787: Out-of-bounds Write •
CVE-2021-30719 – Apple macOS AppleIntelKBLGraphics IOCTL 0x20006 Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2021-30719
A local user may be able to cause unexpected system termination or read kernel memory. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina. An out-of-bounds read issue was addressed by removing the vulnerable code. Un usuario local puede causar la terminación inesperada del sistema o leer la memoria del kernel. Este problema es corregido en macOS Big Sur versión 11.4, Security Update 2021-003 Catalina. • https://support.apple.com/en-us/HT212529 https://support.apple.com/en-us/HT212530 • CWE-125: Out-of-bounds Read •
CVE-2021-30668
https://notcve.org/view.php?id=CVE-2021-30668
This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.4. A person with physical access to a Mac may be able to bypass Login Window during a software update. Se abordó este problema con comprobaciones mejoradas. Este problema es corregido en macOS Big Sur versión 11.4. • https://support.apple.com/en-us/HT212529 • CWE-287: Improper Authentication •
CVE-2021-30680
https://notcve.org/view.php?id=CVE-2021-30680
A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.4. A local user may be able to load unsigned kernel extensions. Se abordó un problema lógico con una administración de estado mejorada. Este problema es corregido en macOS Big Sur versión 11.4. • https://support.apple.com/en-us/HT212529 •
CVE-2021-30727
https://notcve.org/view.php?id=CVE-2021-30727
A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.4, tvOS 14.6, watchOS 7.5, iOS 14.6 and iPadOS 14.6. A malicious application may be able to modify protected parts of the file system. Se abordó un problema lógico con una administración de estado mejorada. Este problema se corrigió en macOS Big Sur versión 11.4, tvOS versión 14.6, watchOS versión 7.5, iOS versión 14.6 e iPadOS versión 14.6. • https://support.apple.com/en-us/HT212528 https://support.apple.com/en-us/HT212529 https://support.apple.com/en-us/HT212532 https://support.apple.com/en-us/HT212533 •