Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

APPLE-SA-2021-05-25-3 Security Update 2021-004 Mojave

Related Vulnerabilities: CVE-2021-30676   CVE-2021-30678   CVE-2021-30690   CVE-2021-30669   CVE-2021-30681   CVE-2021-30724   CVE-2021-30710   CVE-2021-1884   CVE-2021-1883   CVE-2021-30697   CVE-2021-30683   CVE-2021-30687   CVE-2021-30705   CVE-2021-30728   CVE-2021-30704   CVE-2021-30702   CVE-2021-30723   CVE-2021-30691   CVE-2021-30694   CVE-2021-30692   CVE-2021-30746   CVE-2021-30693   CVE-2021-30695   CVE-2021-30708   CVE-2021-30709   CVE-2021-30725   CVE-2021-30679   CVE-2020-36226   CVE-2020-36229   CVE-2020-36225   CVE-2020-36224   CVE-2020-36223   CVE-2020-36227   CVE-2020-36228   CVE-2020-36221   CVE-2020-36222   CVE-2020-36230   CVE-2021-30716   CVE-2021-30717   CVE-2021-30712   CVE-2021-30721   CVE-2021-30722  
Source 
                							

                <!--X-Body-Begin-->
<!--X-User-Header-->
<a href="/fulldisclosure/"><img src="/images/fulldisclosure-logo.png" class="l-logo right" alt="fulldisclosure logo" width="80"></a>
<h2 class="m-list"><a href="/fulldisclosure/">Full Disclosure</a>
mailing list archives</h2>
<!--X-User-Header-End-->
<!--X-TopPNI-->
<div class="nav-bar">
<div class="nav-link">
<a href="64"><img src="/images/left-icon-16x16.png" alt="Previous" width="16" height="16"></a>
<a href="date.html#65">By Date</a>
<a href="66"><img src="/images/right-icon-16x16.png" alt="Next" width="16" height="16"></a>
</div>
<div class="nav-link">
<a href="64"><img src="/images/left-icon-16x16.png" alt="Previous" width="16" height="16"></a>
<a href="index.html#65">By Thread</a>
<a href="66"><img src="/images/right-icon-16x16.png" alt="Next" width="16" height="16"></a>
</div>
<form class="nst-search center" action="/search/fulldisclosure">
<input class="nst-search-q" name="q" type="search" placeholder="List Archive Search">
<button class="nst-search-button" title="Search">
<img style="width:100%;aspect-ratio:1/1;" alt="" aria-hidden="true" src="/shared/images/nst-icons.svg#search">
</button>
</form>

</div>

<!--X-TopPNI-End-->
<!--X-MsgBody-->
<!--X-Subject-Header-Begin-->
<h1 class="m-title">APPLE-SA-2021-05-25-3 Security Update 2021-004 Mojave</h1>
<hr>
<!--X-Subject-Header-End-->
<!--X-Head-of-Message-->


<em>From</em>: Apple Product Security via Fulldisclosure &lt;fulldisclosure () seclists org&gt;


<em>Date</em>: Tue, 25 May 2021 15:21:42 -0700


<!--X-Head-of-Message-End-->
<!--X-Head-Body-Sep-Begin-->
<hr>
<!--X-Head-Body-Sep-End-->
<!--X-Body-of-Message-->
<pre style="margin: 0em;">-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

APPLE-SA-2021-05-25-3 Security Update 2021-004 Mojave

Security Update 2021-004 Mojave addresses the following issues.
Information about the security content is also available at
<a rel="nofollow" href="https://support.apple.com/HT212531">https://support.apple.com/HT212531</a>.

AMD
Available for: macOS Mojave
Impact: A local user may be able to cause unexpected system
termination or read kernel memory
Description: A logic issue was addressed with improved state
management.
CVE-2021-30676: shrek_wzw

AMD
Available for: macOS Mojave
Impact: A remote attacker may be able to cause unexpected application
termination or arbitrary code execution
Description: A logic issue was addressed with improved state
management.
CVE-2021-30678: Yu Wang of Didi Research America

apache
Available for: macOS Mojave
Impact: Multiple issues in apache
Description: Multiple issues in apache were addressed by updating
apache to version 2.4.46.
CVE-2021-30690: an anonymous researcher

AppleScript
Available for: macOS Mojave
Impact: A malicious application may bypass Gatekeeper checks
Description: A logic issue was addressed with improved state
management.
CVE-2021-30669: Yair Hoffmann

Core Services
Available for: macOS Mojave
Impact: A malicious application may be able to gain root privileges
Description: A validation issue existed in the handling of symlinks.
This issue was addressed with improved validation of symlinks.
CVE-2021-30681: Zhongcheng Li (CK01)

CVMS
Available for: macOS Mojave
Impact: A local attacker may be able to elevate their privileges
Description: This issue was addressed with improved checks.
CVE-2021-30724: Mickey Jin (@patch1t) of Trend Micro

Heimdal
Available for: macOS Mojave
Impact: A malicious application may cause a denial of service or
potentially disclose memory contents
Description: A memory corruption issue was addressed with improved
state management.
CVE-2021-30710: Gabe Kirkpatrick (@gabe_k)

Heimdal
Available for: macOS Mojave
Impact: A remote attacker may be able to cause a denial of service
Description: A race condition was addressed with improved locking.
CVE-2021-1884: Gabe Kirkpatrick (@gabe_k)

Heimdal
Available for: macOS Mojave
Impact: Processing maliciously crafted server messages may lead to
heap corruption
Description: This issue was addressed with improved checks.
CVE-2021-1883: Gabe Kirkpatrick (@gabe_k)

Heimdal
Available for: macOS Mojave
Impact: A local user may be able to leak sensitive user information
Description: A logic issue was addressed with improved state
management.
CVE-2021-30697: Gabe Kirkpatrick (@gabe_k)

Heimdal
Available for: macOS Mojave
Impact: A malicious application could execute arbitrary code leading
to compromise of user information
Description: A use after free issue was addressed with improved
memory management.
CVE-2021-30683: Gabe Kirkpatrick (@gabe_k)

ImageIO
Available for: macOS Mojave
Impact: Processing a maliciously crafted image may lead to disclosure
of user information
Description: An out-of-bounds read was addressed with improved bounds
checking.
CVE-2021-30687: Hou JingYi (@hjy79425575) of Qihoo 360

ImageIO
Available for: macOS Mojave
Impact: Processing a maliciously crafted ASTC file may disclose
memory contents
Description: This issue was addressed with improved checks.
CVE-2021-30705: Ye Zhang of Baidu Security

Intel Graphics Driver
Available for: macOS Mojave
Impact: A malicious application may be able to execute arbitrary code
with kernel privileges
Description: An out-of-bounds write issue was addressed with improved
bounds checking.
CVE-2021-30728: Liu Long of Ant Security Light-Year Lab

Kernel
Available for: macOS Mojave
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A logic issue was addressed with improved state
management.
CVE-2021-30704: an anonymous researcher

Login Window
Available for: macOS Mojave
Impact: A person with physical access to a Mac may be able to bypass
Login Window
Description: A logic issue was addressed with improved state
management.
CVE-2021-30702: Jewel Lambert of Original Spin, LLC.

Model I/O
Available for: macOS Mojave
Impact: Processing a maliciously crafted USD file may disclose memory
contents
Description: An information disclosure issue was addressed with
improved state management.
CVE-2021-30723: Mickey Jin (@patch1t) of Trend Micro
CVE-2021-30691: Mickey Jin (@patch1t) of Trend Micro
CVE-2021-30694: Mickey Jin (@patch1t) of Trend Micro
CVE-2021-30692: Mickey Jin (@patch1t) of Trend Micro

Model I/O
Available for: macOS Mojave
Impact: Processing a maliciously crafted USD file may disclose memory
contents
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2021-30746: Mickey Jin (@patch1t) of Trend Micro

Model I/O
Available for: macOS Mojave
Impact: Processing a maliciously crafted image may lead to arbitrary
code execution
Description: A validation issue was addressed with improved logic.
CVE-2021-30693: Mickey Jin (@patch1t) &amp; Junzhi Lu (@pwn0rz) of Trend
Micro

Model I/O
Available for: macOS Mojave
Impact: Processing a maliciously crafted USD file may disclose memory
contents
Description: An out-of-bounds read was addressed with improved bounds
checking.
CVE-2021-30695: Mickey Jin (@patch1t) &amp; Junzhi Lu (@pwn0rz) of Trend
Micro

Model I/O
Available for: macOS Mojave
Impact: Processing a maliciously crafted USD file may lead to
unexpected application termination or arbitrary code execution
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2021-30708: Mickey Jin (@patch1t) &amp; Junzhi Lu (@pwn0rz) of Trend
Micro

Model I/O
Available for: macOS Mojave
Impact: Processing a maliciously crafted USD file may disclose memory
contents
Description: This issue was addressed with improved checks.
CVE-2021-30709: Mickey Jin (@patch1t) of Trend Micro

Model I/O
Available for: macOS Mojave
Impact: Processing a maliciously crafted USD file may lead to
unexpected application termination or arbitrary code execution
Description: A memory corruption issue was addressed with improved
state management.
CVE-2021-30725: Mickey Jin (@patch1t) of Trend Micro

NSOpenPanel
Available for: macOS Mojave
Impact: An application may be able to gain elevated privileges
Description: This issue was addressed by removing the vulnerable
code.
CVE-2021-30679: Gabe Kirkpatrick (@gabe_k)

OpenLDAP
Available for: macOS Mojave
Impact: A remote attacker may be able to cause a denial of service
Description: This issue was addressed with improved checks.
CVE-2020-36226
CVE-2020-36229
CVE-2020-36225
CVE-2020-36224
CVE-2020-36223
CVE-2020-36227
CVE-2020-36228
CVE-2020-36221
CVE-2020-36222
CVE-2020-36230

smbx
Available for: macOS Mojave
Impact: An attacker in a privileged network position may be able to
perform denial of service
Description: A logic issue was addressed with improved state
management.
CVE-2021-30716: Aleksandar Nikolic of Cisco Talos

smbx
Available for: macOS Mojave
Impact: An attacker in a privileged network position may be able to
execute arbitrary code
Description: A memory corruption issue was addressed with improved
state management.
CVE-2021-30717: Aleksandar Nikolic of Cisco Talos

smbx
Available for: macOS Mojave
Impact: A remote attacker may be able to cause unexpected application
termination or arbitrary code execution
Description: A logic issue was addressed with improved state
management.
CVE-2021-30712: Aleksandar Nikolic of Cisco Talos

smbx
Available for: macOS Mojave
Impact: An attacker in a privileged network position may be able to
leak sensitive user information
Description: A path handling issue was addressed with improved
validation.
CVE-2021-30721: Aleksandar Nikolic of Cisco Talos

smbx
Available for: macOS Mojave
Impact: An attacker in a privileged network position may be able to
leak sensitive user information
Description: An information disclosure issue was addressed with
improved state management.
CVE-2021-30722: Aleksandar Nikolic of Cisco Talos

Additional recognition

CFString
We would like to acknowledge an anonymous researcher for their
assistance.

CoreCapture
We would like to acknowledge Zuozhi Fan (@pattern_F_) of Ant-
financial TianQiong Security Lab for their assistance.

Installation note:

This update may be obtained from the Mac App Store or
Apple's Software Downloads web site:
<a rel="nofollow" href="https://support.apple.com/downloads/">https://support.apple.com/downloads/</a>

Information will also be posted to the Apple Security Updates
web site: <a rel="nofollow" href="https://support.apple.com/kb/HT201222">https://support.apple.com/kb/HT201222</a>

This message is signed with Apple's Product Security PGP key,
and details are available at:
<a rel="nofollow" href="https://www.apple.com/support/security/pgp/">https://www.apple.com/support/security/pgp/</a>

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEbURczHs1TP07VIfuZcsbuWJ6jjAFAmCtU9EACgkQZcsbuWJ6
jjCFWg//YnTAv0f31A5ILv6tAFsMOLCqe5qfpGEqQDktx5kNmnZVQxck0yAEPVH4
SghKtTTE0t6KXne94QcnEntdgoMG+EgsvBqBzCxpJtjxArwxQHqL/slnfIKKTSg7
8+PIQALwJDOLrtxzf6X0VY0fT3tElYcq8qrrYrqQgXCn8C3bKvO/42wwdVCDOTmD
kft0PhZkHa1GyJ+RuPAv+Y9KVrTy2dYX6hGMbiFpJ2il0My+CgdvJc4QO4P7kObk
nProKc8zdsNAXTMHX1s0tfR8MFwnNquJT6/KV/FHeby1rbT3CK4zd6x64dIq4KVi
j4Spubs5/TT4ji926R3xm5W3MkOegJiB9S2Rjy5LU/JMyV+BM9VBEZ6upK0y4+l6
tHCdhf90Kwt82zQYBE1o3nCBAPhWz9rk91kuPl1YstvLzBrdujmXRtLgcQVW2F+e
NLCtyx1/WUUi2WR5VWiz9AMBl8QjBWXuGvmR+ToBK/m6T8km4lp6V74mbCj1OyKg
0wHf0oh0KNZRCrtR2PoIvBZnC+KxcdH4QVqKPePYzr+CYnWnA6TDV5yXWITVYLQA
x74LPPpDML/yc9TLgWxNTTMuEflG+riGTO3Oet3iB1SFsobbAqWlfZqIklBHgyQe
f62TlXzjqJWuFBzlhQ0weK8EbgDQWoRiJM3xnpO2HnM2nRQvWfs=
=t1cR
-----END PGP SIGNATURE-----

_______________________________________________
Sent through the Full Disclosure mailing list
<a rel="nofollow" href="https://nmap.org/mailman/listinfo/fulldisclosure">https://nmap.org/mailman/listinfo/fulldisclosure</a>
Web Archives &amp; RSS: <a rel="nofollow" href="http://seclists.org/fulldisclosure/">http://seclists.org/fulldisclosure/</a>

</pre>
<!--X-Body-of-Message-End-->
<!--X-MsgBody-End-->
<!--X-Follow-Ups-->
<hr>
<!--X-Follow-Ups-End-->
<!--X-References-->
<!--X-References-End-->
<!--X-BotPNI-->
<div class="nav-bar">
<div class="nav-link">
<a href="64"><img src="/images/left-icon-16x16.png" alt="Previous" width="16" height="16"></a>
<a href="date.html#65">By Date</a>
<a href="66"><img src="/images/right-icon-16x16.png" alt="Next" width="16" height="16"></a>
</div>
<div class="nav-link">
<a href="64"><img src="/images/left-icon-16x16.png" alt="Previous" width="16" height="16"></a>
<a href="index.html#65">By Thread</a>
<a href="66"><img src="/images/right-icon-16x16.png" alt="Next" width="16" height="16"></a>
</div>
</div>
<h3 class="m-thread">Current thread:</h3>
<ul class="thread">
<li><strong>APPLE-SA-2021-05-25-3 Security Update 2021-004 Mojave</strong> <em>Apple Product Security via Fulldisclosure (May 26)</em>
</li></ul>


<!--X-BotPNI-End-->
<!--X-User-Footer-->
<!--X-User-Footer-End-->
<p>

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook

Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started