-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2020.4060
                APPLE-SA-2020-11-13-1 macOS Big Sur 11.0.1
                             16 November 2020

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           macOS Big Sur
Publisher:         Apple
Operating System:  Mac OS
Impact/Access:     Root Compromise                 -- Remote with User Interaction
                   Execute Arbitrary Code/Commands -- Remote with User Interaction
                   Increased Privileges            -- Existing Account            
                   Denial of Service               -- Remote with User Interaction
                   Access Confidential Data        -- Remote with User Interaction
                   Unauthorised Access             -- Existing Account            
Resolution:        Patch/Upgrade
CVE Names:         CVE-2020-27950 CVE-2020-27932 CVE-2020-27930
                   CVE-2020-27927 CVE-2020-27918 CVE-2020-27917
                   CVE-2020-27916 CVE-2020-27912 CVE-2020-27911
                   CVE-2020-27910 CVE-2020-27906 CVE-2020-27904
                   CVE-2020-27903 CVE-2020-27900 CVE-2020-27898
                   CVE-2020-27896 CVE-2020-27894 CVE-2020-15358
                   CVE-2020-14155 CVE-2020-13631 CVE-2020-13630
                   CVE-2020-13524 CVE-2020-13435 CVE-2020-13434
                   CVE-2020-10663 CVE-2020-10017 CVE-2020-10016
                   CVE-2020-10014 CVE-2020-10012 CVE-2020-10010
                   CVE-2020-10009 CVE-2020-10007 CVE-2020-10006
                   CVE-2020-10004 CVE-2020-10003 CVE-2020-10002
                   CVE-2020-9999 CVE-2020-9996 CVE-2020-9991
                   CVE-2020-9989 CVE-2020-9988 CVE-2020-9977
                   CVE-2020-9974 CVE-2020-9969 CVE-2020-9966
                   CVE-2020-9965 CVE-2020-9963 CVE-2020-9949
                   CVE-2020-9945 CVE-2020-9944 CVE-2020-9943
                   CVE-2020-9942 CVE-2020-9941 CVE-2020-9883
                   CVE-2020-9876 CVE-2020-9849 CVE-2019-20838
                   CVE-2019-14899  

Reference:         ASB-2020.0186
                   ESB-2020.3919
                   ESB-2020.3918
                   ESB-2020.3911
                   ESB-2020.3909
                   ESB-2020.3884
                   ESB-2020.2879

Original Bulletin: 
   https://support.apple.com/HT211931

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

APPLE-SA-2020-11-13-1 macOS Big Sur 11.0.1

macOS Big Sur 11.0.1 addresses the following issues. Information
about the security content is also available at
https://support.apple.com/HT211931.

App Store
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: An application may be able to gain elevated privileges
Description: This issue was addressed by removing the vulnerable
code.
CVE-2020-27903: Zhipeng Huo (@R3dF09) of Tencent Security Xuanwu Lab

Audio
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: Processing a maliciously crafted audio file may lead to
arbitrary code execution
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2020-27910: JunDong Xie and XingWei Lin of Ant Security Light-
Year Lab

Audio
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: Processing a maliciously crafted audio file may lead to
arbitrary code execution
Description: An out-of-bounds write was addressed with improved input
validation.
CVE-2020-27916: JunDong Xie of Ant Security Light-Year Lab

Audio
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: A malicious application may be able to read restricted memory
Description: An out-of-bounds read was addressed with improved bounds
checking.
CVE-2020-9943: JunDong Xie of Ant Group Light-Year Security Lab

Audio
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: An application may be able to read restricted memory
Description: An out-of-bounds read was addressed with improved bounds
checking.
CVE-2020-9944: JunDong Xie of Ant Group Light-Year Security Lab

Bluetooth
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: A remote attacker may be able to cause unexpected application
termination or heap corruption
Description: Multiple integer overflows were addressed with improved
input validation.
CVE-2020-27906: Zuozhi Fan (@pattern_F_) of Ant Group Tianqiong
Security Lab

CoreAudio
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: Processing a maliciously crafted audio file may lead to
arbitrary code execution
Description: An out-of-bounds write was addressed with improved input
validation.
CVE-2020-10017: Francis working with Trend Micro Zero Day Initiative,
JunDong Xie of Ant Security Light-Year Lab

CoreCapture
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A use after free issue was addressed with improved
memory management.
CVE-2020-9949: Proteas

CoreGraphics
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: Processing a maliciously crafted image may lead to arbitrary
code execution
Description: An out-of-bounds write was addressed with improved input
validation.
CVE-2020-9883: an anonymous researcher, Mickey Jin of Trend Micro

Crash Reporter
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: A local attacker may be able to elevate  their privileges
Description: An issue existed within the path validation logic for
symlinks. This issue was addressed with improved path sanitization.
CVE-2020-10003: Tim Michaud (@TimGMichaud) of Leviathan

CoreText
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: Processing a maliciously crafted text file may lead to
arbitrary code execution
Description: A memory corruption issue was addressed with improved
state management.
CVE-2020-9999: Mickey Jin & Junzhi Lu of Trend Micro

Disk Images
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2020-9965: Proteas
CVE-2020-9966: Proteas

Finder
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: Users may be unable to remove metadata indicating where files
were downloaded from
Description: The issue was addressed with additional user controls.
CVE-2020-27894: Manuel Trezza of Shuggr (shuggr.com)

FontParser
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: Processing a maliciously crafted font may lead to arbitrary
code execution. Apple is aware of reports that an exploit for this
issue exists in the wild.
Description: A memory corruption issue was addressed with improved
input validation.
CVE-2020-27930: Google Project Zero

FontParser
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: Processing a maliciously crafted font file may lead to
arbitrary code execution
Description: An out-of-bounds write issue was addressed with improved
bounds checking.
CVE-2020-27927: Xingwei Lin of Ant Security Light-Year Lab

Foundation
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: A local user may be able to read arbitrary files
Description: A logic issue was addressed with improved state
management.
CVE-2020-10002: James Hutchins

ImageIO
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: Processing a maliciously crafted image may lead to arbitrary
code execution
Description: An out-of-bounds write was addressed with improved input
validation.
CVE-2020-27912: Xingwei Lin of Ant Security Light-Year Lab

ImageIO
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: Opening a maliciously crafted PDF file may lead to an
unexpected application termination or arbitrary code execution
Description: An out-of-bounds write issue was addressed with improved
bounds checking.
CVE-2020-9876: Mickey Jin of Trend Micro

Kernel
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A logic issue existed resulting in memory corruption.
This was addressed with improved state management.
CVE-2020-27904: Zuozhi Fan (@pattern_F_) of Ant Group Tianqong
Security Lab

Kernel
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: An attacker in a privileged network position may be able to
inject into active connections within a VPN tunnel
Description: A routing issue was addressed with improved
restrictions.
CVE-2019-14899: William J. Tolley, Beau Kujath, and Jedidiah R.
Crandall

Kernel
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: A malicious application may be able to disclose kernel
memory. Apple is aware of reports that an exploit for this issue
exists in the wild.
Description: A memory initialization issue was addressed.
CVE-2020-27950: Google Project Zero

Kernel
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: A malicious application may be able to determine kernel
memory layout
Description: A logic issue was addressed with improved state
management.
CVE-2020-9974: Tommy Muir (@Muirey03)

Kernel
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
state management.
CVE-2020-10016: Alex Helie

Kernel
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: A malicious application may be able to execute arbitrary code
with kernel privileges. Apple is aware of reports that an exploit for
this issue exists in the wild.
Description: A type confusion issue was addressed with improved state
handling.
CVE-2020-27932: Google Project Zero

libxml2
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: Processing maliciously crafted web content may lead to code
execution
Description: A use after free issue was addressed with improved
memory management.
CVE-2020-27917: found by OSS-Fuzz

libxml2
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: A remote attacker may be able to cause unexpected application
termination or arbitrary code execution
Description: An integer overflow was addressed through improved input
validation.
CVE-2020-27911: found by OSS-Fuzz

libxpc
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: A malicious application may be able to break out of its
sandbox
Description: A parsing issue in the handling of directory paths was
addressed with improved path validation.
CVE-2020-10014:  Zhipeng Huo (@R3dF09) of Tencent Security Xuanwu Lab

Logging
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: A local attacker may be able to elevate their privileges
Description: A path handling issue was addressed with improved
validation.
CVE-2020-10010: Tommy Muir (@Muirey03)

Mail
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: A remote attacker may be able to unexpectedly alter
application state
Description: This issue was addressed with improved checks.
CVE-2020-9941: Fabian Ising of FH Münster University of Applied
Sciences and Damian Poddebniak of FH Münster University of Applied
Sciences

Messages
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: A local user may be able to discover a userâ\x{128}\x{153}s deleted
messages
Description: The issue was addressed with improved deletion.
CVE-2020-9988: William Breuer of the Netherlands
CVE-2020-9989: von Brunn Media

Model I/O
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: Processing a maliciously crafted USD file may lead to
unexpected application termination or arbitrary code execution
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2020-13524: Aleksandar Nikolic of Cisco Talos

Model I/O
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: Opening a maliciously crafted file may lead to unexpected
application termination or arbitrary code execution
Description: A logic issue was addressed with improved state
management.
CVE-2020-10004: Aleksandar Nikolic of Cisco Talos

NetworkExtension
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: A malicious application may be able to elevate privileges
Description: A use after free issue was addressed with improved
memory management.
CVE-2020-9996: Zhiwei Yuan of Trend Micro iCore Team, Junzhi Lu and
Mickey Jin of Trend Micro

NSRemoteView
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: A malicious application may be able to preview files it does
not have access to
Description: An issue existed in the handling of snapshots. The issue
was resolved with improved permissions logic.
CVE-2020-27900: Thijs Alkemade of Computest Research Division

PCRE
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: Multiple issues in pcre
Description: Multiple issues were addressed by updating to version
8.44.
CVE-2019-20838
CVE-2020-14155

Power Management
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: A malicious application may be able to determine kernel
memory layout
Description: A logic issue was addressed with improved state
management.
CVE-2020-10007: singi@theori working with Trend Micro Zero Day
Initiative

python
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: Cookies belonging to one origin may be sent to another origin
Description: Multiple issues were addressed with improved logic.
CVE-2020-27896: an anonymous researcher

Quick Look
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: A malicious app may be able to determine the existence of
files on the computer
Description: The issue was addressed with improved handling of icon
caches.
CVE-2020-9963: Csaba Fitzl (@theevilbit) of Offensive Security

Quick Look
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: Processing a maliciously crafted document may lead to a cross
site scripting attack
Description: An access issue was addressed with improved access
restrictions.
CVE-2020-10012: Heige of KnownSec 404 Team
(https://www.knownsec.com/) and Bo Qu of Palo Alto Networks
(https://www.paloaltonetworks.com/)

Ruby
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: A remote attacker may be able to modify the file system
Description: A path handling issue was addressed with improved
validation.
CVE-2020-27896: an anonymous researcher

Ruby
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: When parsing certain JSON documents, the json gem can be
coerced into creating arbitrary objects in the target system
Description: This issue was addressed with improved checks.
CVE-2020-10663: Jeremy Evans

Safari
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: Visiting a malicious website may lead to address bar spoofing
Description: A spoofing issue existed in the handling of URLs. This
issue was addressed with improved input validation.
CVE-2020-9945: Narendra Bhati From Suma Soft Pvt. Ltd. Pune (India)
@imnarendrabhati

Safari
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: A malicious application may be able to determine a user's
open tabs in Safari
Description: A validation issue existed in the entitlement
verification. This issue was addressed with improved validation of
the process entitlement.
CVE-2020-9977: Josh Parnham (@joshparnham)

Safari
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: Visiting a malicious website may lead to address bar spoofing
Description: An inconsistent user interface issue was addressed with
improved state management.
CVE-2020-9942: an anonymous researcher, Rahul d Kankrale
(servicenger.com), Rayyan Bijoora (@Bijoora) of The City School, PAF
Chapter, Ruilin Yang of Tencent Security Xuanwu Lab, YoKo Kho
(@YoKoAcc) of PT Telekomunikasi Indonesia (Persero) Tbk, Zhiyang
Zeng(@Wester) of OPPO ZIWU Security Lab

Sandbox
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: A local user may be able to view senstive user information
Description: An access issue was addressed with additional sandbox
restrictions.
CVE-2020-9969: Wojciech ReguÃ…\x{130}a of SecuRing (wojciechregula.blog)

SQLite
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: A remote attacker may be able to cause a denial of service
Description: This issue was addressed with improved checks.
CVE-2020-9991

SQLite
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: A remote attacker may be able to leak memory
Description: An information disclosure issue was addressed with
improved state management.
CVE-2020-9849

SQLite
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: Multiple issues in SQLite
Description: Multiple issues were addressed by updating SQLite to
version 3.32.3.
CVE-2020-15358

SQLite
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: A maliciously crafted SQL query may lead to data corruption
Description: This issue was addressed with improved checks.
CVE-2020-13631

SQLite
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: A remote attacker may be able to cause a denial of service
Description: This issue was addressed with improved checks.
CVE-2020-13434
CVE-2020-13435
CVE-2020-9991

SQLite
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: A remote attacker may be able to cause arbitrary code
execution
Description: A memory corruption issue was addressed with improved
state management.
CVE-2020-13630

System Preferences
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: A sandboxed process may be able to circumvent sandbox
restrictions
Description: A logic issue was addressed with improved state
management.
CVE-2020-10009: Thijs Alkemade of Computest Research Division

WebKit
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A use after free issue was addressed with improved
memory management.
CVE-2020-27918: an anonymous researcher

Wi-Fi
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: An attacker may be able to bypass Managed Frame Protection
Description: A denial of service issue was addressed with improved
state handling.
CVE-2020-27898: Stephan Marais of University of Johannesburg

Xsan
Available for: Mac Pro (2013 and later), MacBook Air (2013 and
later), MacBook Pro (Late 2013 and later), Mac mini (2014 and later),
iMac (2014 and later), MacBook (2015 and later), iMac Pro (all
models)
Impact: A malicious application may be able to access restricted
files
Description: This issue was addressed with improved entitlements.
CVE-2020-10006: Wojciech ReguÃ…\x{130}a (@_r3ggi) of SecuRing

Additional recognition

Audio
We would like to acknowledge JunDong Xie and XingWei Lin of Ant-
financial Light-Year Security Lab, an anonymous researcher for their
assistance.

Bluetooth
We would like to acknowledge Dennis Heinze (@ttdennis) of TU
Darmstadt, Secure Mobile Networking Lab for their assistance.

Clang
We would like to acknowledge Brandon Azad of Google Project Zero for
their assistance.

Core Location
We would like to acknowledge YiÄ\x{159}it Can YILMAZ (@yilmazcanyigit) for
their assistance.

Directory Utility
We would like to acknowledge Wojciech ReguÃ…\x{130}a (@_r3ggi) of SecuRing
for their assistance.

iAP
We would like to acknowledge Andy Davis of NCC Group for their
assistance.

Kernel
We would like to acknowledge Brandon Azad of Google Project Zero,
Stephen Röttger of Google for their assistance.

Login Window
We would like to acknowledge Rob Morton of Leidos for their
assistance.

Photos Storage
We would like to acknowledge Paulos Yibelo of LimeHats for their
assistance.

Quick Look
We would like to acknowledge Csaba Fitzl (@theevilbit) and Wojciech
ReguÃ…\x{130}a of SecuRing (wojciechregula.blog) for their assistance.

Safari
We would like to acknowledge Gabriel Corona and Narendra Bhati From
Suma Soft Pvt. Ltd. Pune (India) @imnarendrabhati for their
assistance.

Security
We would like to acknowledge Christian Starkjohann of Objective
Development Software GmbH for their assistance.

System Preferences
We would like to acknowledge Csaba Fitzl (@theevilbit) of Offensive
Security for their assistance.

Installation note:

macOS Big Sur 11.0.1 may be obtained from the Mac App Store or
Apple's Software Downloads web site:
https://support.apple.com/downloads/

Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222

This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
- -----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEbURczHs1TP07VIfuZcsbuWJ6jjAFAl+uxpgACgkQZcsbuWJ6
jjAP3Q/6AvM2UcU/A8Ij+ik4Z1LiQRGe68fDBoBXES2sEWd9UF3sbM8rfOy6eo4O
KzERdlr1I2JRXY4QoTNnO2k0HFhJyj/pQQtm23PlyH6bKmE4pT7KFjngWlvIkp3J
q6JqnmGP628kRdo6NXPUQ1d4xdJ9Q2UT5ND/IDc8sKSk4Y4tdeY9iiZGakmnoPU+
ZBS59GDXmLObm1yOmww0bSTwm2aUd9BMAdiV3PSUPd/6//aW1T6o8sWUAlDMjLUA
u70gbqvwsjDVhPyQpAdmhzBR+VYVNoVbAkV3WvaqA4Wyf1BT/GFvJ5qZPbKJ8RsF
EL+QJsrqswgHCvweuMISPlzt+AIQSYL6nW7f+vP5W0bjS+xeRxWw5Kswm8zQWZBw
ylrRA3npjlJ1SKjPBCyi8uFZJh+Ob5qk4L0Z3L7pMMnAypYvxkxfqdoYbpajekvn
k4lTtbeKSomV12IBcOddqIUv2LTBcifMF+kN2hg9XfuTJlUByHy9y5bIkUtm506C
4nh1pGjhncD4v4ZggM8r7yqFkHUGDhnN/SQ6aKZhJtgI26kXZm5YsGsZnZPuh9CG
XjY2oeJDq6XcWz47lV6sEo1mBR7dqFNhZhz7UzN2c+ZiolIKoFpSGZ9tHP1lLj2S
woTYZ1YgWejKBF+TvggRbNoXljIX4e2BVORT3e0V42tDXE1SMYw=
=6zWD
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBX7HW6uNLKJtyKPYoAQgNMRAApzynx/sH3QbGyv8ppDej04cYtOouyjTT
MJshhiHBf/WOw49i6Dp5/thEKwk+dwqnpNlz0oPoGjTgz//pSeJ9BLgOJSuaFrj9
4nZwxR+hKnOXqlGKXS9BbM8ZMn9MF1yaFJBC4L7pj48wx9PG4Od3WuRadFhWorFZ
NGNcFFTHM7AOLGlUee+Z1VPVZvEqXBco8JYsR4fQ9RJ7wvvyDCP0yUZkPAePPwQ5
kNh/eTFrYSyhJ9lOYhxxrcch0Lexwvs64z5QjKFGME1tKo6i+2BroSZUDKRUoMtW
jIbMoMel5btSkYh0ga3t/lZsFJVU2OnnyL4B1AmK51jwYLjDlfVJMFSrUWaYxmiv
PUyPGyduETbu0SvGkvzTewBKZwxNebBYiyqy5wtb/NZU7+aBxV5WlhxRqoYjErFl
+IDAU11bh+9/+6pZJrzINierVPDqSYi+vCRjvbB4E5FiF1w/IQbUfbixgl2Y0ET4
LsPS2iGA4cmHIt7DI5Hui/2Ui0UxDKsUptaUc/NFcFKvGMKHEK8j6UOXNmRwp2dz
Sunlg12UeEURyp+MLvnUhJ8mYT1Wp/z1zzvP6hUiT/jxV4l6CPE5EsBy8w4Mk4ff
sWiM3YAX/mTs6nnpJ9R9PK0w7AUWEknzcotNuo5/0j366lysE1+h2tE5KfGQDh9C
7zDeWNR9HM8=
=ZAaq
-----END PGP SIGNATURE-----