Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.8
CVSSv3

CVE-2021-30937

Published: 24/08/2021 Updated: 07/11/2023
CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8
VMScore: 829
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Subscribe to Apple

Vulnerability Summary

A memory corruption vulnerability was addressed with improved locking. This issue is fixed in macOS Big Sur 11.6.2, tvOS 15.2, macOS Monterey 12.1, Security Update 2021-008 Catalina, iOS 15.2 and iPadOS 15.2, watchOS 8.3. A malicious application may be able to execute arbitrary code with kernel privileges.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

apple mac os x 10.15.7

apple mac os x

apple macos

apple watchos

apple iphone os

apple ipados

apple tvos

Exploits

Exploit DB: XNU inm_merge Heap Use-After-Free
XNU suffers from a heap use-after-free vulnerability in inm_merge ...

Mailing Lists

Full Disclosure: APPLE-SA-2021-12-15-6 watchOS 8.3
<!--X-Body-Begin--> <!--X-User-Header--> Full Disclosure mailing list archives <!--X-User-Header-End--> <!--X-TopPNI--> By Date By Thread </form> <!--X-TopPNI-End--> <!--X-MsgBody--> <!--X-Subject-Header-Begin--> APPLE-SA-2021-12-15-6 watchOS 83 <!--X-Subject-Header-End--> <!--X-Head-of-Message--> From: Apple Product Security ...
Full Disclosure: APPLE-SA-2021-12-15-1 iOS 15.2 and iPadOS 15.2
<!--X-Body-Begin--> <!--X-User-Header--> Full Disclosure mailing list archives <!--X-User-Header-End--> <!--X-TopPNI--> By Date By Thread </form> <!--X-TopPNI-End--> <!--X-MsgBody--> <!--X-Subject-Header-Begin--> APPLE-SA-2021-12-15-1 iOS 152 and iPadOS 152 <!--X-Subject-Header-End--> <!--X-Head-of-Message--> From: Apple Prod ...

Github Repositories

https://github.com/potmdehex/multicast_bytecopy

kernel r/w exploit for iOS 15.0 - 15.1.1

multicast_bytecopy This code is published for security researchers, do not use this code for any purpose unless you know what you are doing multicast_bytecopy is a kernel r/w exploit for iOS 150 - 1511 by @jaakerblom and the spiritual successor of multipath_kfree The exploit can be adapted to gain kernel r/w on prior iOS versions This implementation is for iOS 150 - 151

https://github.com/realrodri/ExploiteameEsta

CVE-2021-30937 vulnerability checking app

ExploiteameEsta CVE-2021-30937 vulnerability checking app ¿Qué es esto? Este proyecto es una aplicación para dispositivos iOS dedicada a iOS 150-1511 Podrás probar si la vulnerabilidad mencionada arriba es compatible con tu dispositivo o no Se te mostrarán varias alertas y ventanas emergentes que te dirán cosas en el proceso Venim

References

CWE-787https://support.apple.com/en-us/HT212975https://support.apple.com/en-us/HT212976https://support.apple.com/en-us/HT212978https://support.apple.com/en-us/HT212979https://support.apple.com/en-us/HT212981https://support.apple.com/en-us/HT212980http://packetstormsecurity.com/files/165475/XNU-inm_merge-Heap-Use-After-Free.htmlhttps://nvd.nist.govhttps://github.com/potmdehex/multicast_bytecopyhttps://packetstormsecurity.com/files/165475/XNU-inm_merge-Heap-Use-After-Free.html
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4946CVE-2024-30309CVE-2024-4761CVE-2024-30051type confusionmemory leakCVE-2024-30293reflected XSSCVE-2024-3126
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook