Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
829
VMScore

CVE-2021-30937

Published: 24/08/2021 Updated: 07/11/2023
CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8
VMScore: 829
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Summary

A memory corruption vulnerability was addressed with improved locking. This issue is fixed in macOS Big Sur 11.6.2, tvOS 15.2, macOS Monterey 12.1, Security Update 2021-008 Catalina, iOS 15.2 and iPadOS 15.2, watchOS 8.3. A malicious application may be able to execute arbitrary code with kernel privileges.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

apple mac os x 10.15.7

apple mac os x

apple macos

apple watchos

apple iphone os

apple ipados

apple tvos

Exploits

Exploit DB: XNU inm_merge Heap Use-After-Free
XNU suffers from a heap use-after-free vulnerability in inm_merge ...

Mailing Lists

Full Disclosure: APPLE-SA-2021-12-15-2 macOS Monterey 12.1
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2021-12-15-2 macOS Monterey 121 macOS Monterey 121 addresses the following issues Information about the security content is also available at supportapplecom/HT212978 Airport Available for: macOS Monterey Impact: A device may be passively tracked via BSSIDs Description: An ac ...
Full Disclosure: APPLE-SA-2021-12-15-5 tvOS 15.2
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2021-12-15-5 tvOS 152 tvOS 152 addresses the following issues Information about the security content is also available at supportapplecom/HT212980 Audio Available for: Apple TV 4K and Apple TV HD Impact: Parsing a maliciously crafted audio file may lead to disclosure of user ...
Full Disclosure: APPLE-SA-2021-12-15-4 Security Update 2021-008 Catalina
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2021-12-15-4 Security Update 2021-008 Catalina Security Update 2021-008 Catalina addresses the following issues Information about the security content is also available at supportapplecom/HT212981 Archive Utility Available for: macOS Catalina Impact: A malicious application may ...

Github Repositories

https://github.com/potmdehex/multicast_bytecopy

kernel r/w exploit for iOS 15.0 - 15.1.1

multicast_bytecopy This code is published for security researchers, do not use this code for any purpose unless you know what you are doing multicast_bytecopy is a kernel r/w exploit for iOS 150 - 1511 by @jaakerblom and the spiritual successor of multipath_kfree The exploit can be adapted to gain kernel r/w on prior iOS versions This implementation is for iOS 150 - 151

https://github.com/realrodri/ExploiteameEsta

CVE-2021-30937 vulnerability checking app

ExploiteameEsta CVE-2021-30937 vulnerability checking app ¿Qué es esto? Este proyecto es una aplicación para dispositivos iOS dedicada a iOS 150-1511 Podrás probar si la vulnerabilidad mencionada arriba es compatible con tu dispositivo o no Se te mostrarán varias alertas y ventanas emergentes que te dirán cosas en el proceso Venim

References

CWE-787https://support.apple.com/en-us/HT212975https://support.apple.com/en-us/HT212976https://support.apple.com/en-us/HT212978https://support.apple.com/en-us/HT212979https://support.apple.com/en-us/HT212981https://support.apple.com/en-us/HT212980http://packetstormsecurity.com/files/165475/XNU-inm_merge-Heap-Use-After-Free.htmlhttps://nvd.nist.govhttps://github.com/potmdehex/multicast_bytecopyhttps://packetstormsecurity.com/files/165475/XNU-inm_merge-Heap-Use-After-Free.html
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073CVE-2024-5496CVE-2024-5495XPath injectionbypassCVE-2024-30043CVE-2024-24919denial of serviceCVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook