Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2021.1416 Apple security update for macOS Catalina 27 April 2021 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: macOS Catalina Publisher: Apple Operating System: Mac OS Impact/Access: Root Compromise -- Existing Account Execute Arbitrary Code/Commands -- Remote with User Interaction Modify Arbitrary Files -- Existing Account Denial of Service -- Remote/Unauthenticated Provide Misleading Information -- Remote/Unauthenticated Access Confidential Data -- Existing Account Unauthorised Access -- Existing Account Resolution: Patch/Upgrade CVE Names: CVE-2021-30652 CVE-2021-1882 CVE-2021-1881 CVE-2021-1878 CVE-2021-1876 CVE-2021-1875 CVE-2021-1873 CVE-2021-1868 CVE-2021-1860 CVE-2021-1857 CVE-2021-1851 CVE-2021-1847 CVE-2021-1843 CVE-2021-1840 CVE-2021-1839 CVE-2021-1834 CVE-2021-1828 CVE-2021-1824 CVE-2021-1813 CVE-2021-1811 CVE-2021-1810 CVE-2021-1809 CVE-2021-1808 CVE-2021-1797 CVE-2021-1784 CVE-2021-1740 CVE-2021-1739 CVE-2020-27942 CVE-2020-8286 CVE-2020-8285 CVE-2020-8037 CVE-2020-3838 Reference: ESB-2021.1408 ESB-2021.1114 ESB-2021.0352 Original Bulletin: https://support.apple.com/HT212326 - --------------------------BEGIN INCLUDED TEXT-------------------- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2021-04-26-3 Security Update 2021-002 Catalina Security Update 2021-002 Catalina addresses the following issues. Information about the security content is also available at https://support.apple.com/HT212326. APFS Available for: macOS Catalina Impact: A local user may be able to read arbitrary files Description: The issue was addressed with improved permissions logic. CVE-2021-1797: Thomas Tempelmann Archive Utility Available for: macOS Catalina Impact: A malicious application may bypass Gatekeeper checks Description: A logic issue was addressed with improved state management. CVE-2021-1810: an anonymous researcher Audio Available for: macOS Catalina Impact: An application may be able to read restricted memory Description: A memory corruption issue was addressed with improved validation. CVE-2021-1808: JunDong Xie of Ant Security Light-Year Lab CFNetwork Available for: macOS Catalina Impact: Processing maliciously crafted web content may disclose sensitive user information Description: A memory initialization issue was addressed with improved memory handling. CVE-2021-1857: an anonymous researcher CoreAudio Available for: macOS Catalina Impact: A malicious application may be able to read restricted memory Description: A memory corruption issue was addressed with improved validation. CVE-2021-1809: JunDong Xie of Ant Security Light-Year Lab CoreGraphics Available for: macOS Catalina Impact: Opening a maliciously crafted file may lead to unexpected application termination or arbitrary code execution Description: A memory corruption issue was addressed with improved validation. CVE-2021-1847: Xuwei Liu of Purdue University CoreText Available for: macOS Catalina Impact: Processing a maliciously crafted font may result in the disclosure of process memory Description: A logic issue was addressed with improved state management. CVE-2021-1811: Xingwei Lin of Ant Security Light-Year Lab curl Available for: macOS Catalina Impact: A remote attacker may be able to cause a denial of service Description: A buffer overflow was addressed with improved input validation. CVE-2020-8285: xnynx curl Available for: macOS Catalina Impact: An attacker may provide a fraudulent OCSP response that would appear valid Description: This issue was addressed with improved checks. CVE-2020-8286: an anonymous researcher DiskArbitration Available for: macOS Catalina Impact: A malicious application may be able to modify protected parts of the file system Description: A permissions issue existed in DiskArbitration. This was addressed with additional ownership checks. CVE-2021-1784: Mikko Kenttälä (@Turmio_) of SensorFu, Csaba Fitzl (@theevilbit) of Offensive Security, and an anonymous researcher FontParser Available for: macOS Catalina Impact: Processing a maliciously crafted font file may lead to arbitrary code execution Description: An out-of-bounds read was addressed with improved input validation. CVE-2021-1881: Hou JingYi (@hjy79425575) of Qihoo 360, an anonymous researcher, Xingwei Lin of Ant Security Light-Year Lab, and Mickey Jin of Trend Micro FontParser Available for: macOS Catalina Impact: Processing a maliciously crafted font file may lead to arbitrary code execution Description: A logic issue was addressed with improved state management. CVE-2020-27942: an anonymous researcher Foundation Available for: macOS Catalina Impact: A malicious application may be able to gain root privileges Description: A validation issue was addressed with improved logic. CVE-2021-1813: Cees Elzinga Foundation Available for: macOS Catalina Impact: An application may be able to gain elevated privileges Description: A memory corruption issue was addressed with improved validation. CVE-2021-1882: Gabe Kirkpatrick (@gabe_k) ImageIO Available for: macOS Catalina Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: This issue was addressed with improved checks. CVE-2021-1843: Ye Zhang of Baidu Security Intel Graphics Driver Available for: macOS Catalina Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: An out-of-bounds write issue was addressed with improved bounds checking. CVE-2021-1834: ABC Research s.r.o. working with Trend Micro Zero Day Initiative Kernel Available for: macOS Catalina Impact: A malicious application may be able to disclose kernel memory Description: A memory initialization issue was addressed with improved memory handling. CVE-2021-1860: @0xalsr Kernel Available for: macOS Catalina Impact: An application may be able to execute arbitrary code with kernel privileges Description: A logic issue was addressed with improved state management. CVE-2021-1851: @0xalsr Kernel Available for: macOS Catalina Impact: A local attacker may be able to elevate their privileges Description: A memory corruption issue was addressed with improved validation. CVE-2021-1840: Zuozhi Fan (@pattern_F_) of Ant Group Tianqiong Security Lab libxpc Available for: macOS Catalina Impact: A malicious application may be able to gain root privileges Description: A race condition was addressed with additional validation. CVE-2021-30652: James Hutchins libxslt Available for: macOS Catalina Impact: Processing a maliciously crafted file may lead to heap corruption Description: A double free issue was addressed with improved memory management. CVE-2021-1875: Found by OSS-Fuzz Login Window Available for: macOS Catalina Impact: A malicious application with root privileges may be able to access private information Description: This issue was addressed with improved entitlements. CVE-2021-1824: Wojciech ReguÅ\x{130}a (@_r3ggi) of SecuRing NSRemoteView Available for: macOS Catalina Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A use after free issue was addressed with improved memory management. CVE-2021-1876: Matthew Denton of Google Chrome Preferences Available for: macOS Catalina Impact: A local user may be able to modify protected parts of the file system Description: A parsing issue in the handling of directory paths was addressed with improved path validation. CVE-2021-1739: Zhipeng Huo (@R3dF09) and Yuebin Sun (@yuebinsun2020) of Tencent Security Xuanwu Lab (xlab.tencent.com) CVE-2021-1740: Zhipeng Huo (@R3dF09) and Yuebin Sun (@yuebinsun2020) of Tencent Security Xuanwu Lab (xlab.tencent.com) smbx Available for: macOS Catalina Impact: An attacker in a privileged network position may be able to leak sensitive user information Description: An integer overflow was addressed with improved input validation. CVE-2021-1878: Aleksandar Nikolic of Cisco Talos (talosintelligence.com) Tailspin Available for: macOS Catalina Impact: A local attacker may be able to elevate their privileges Description: A logic issue was addressed with improved state management. CVE-2021-1868: Tim Michaud of Zoom Communications tcpdump Available for: macOS Catalina Impact: A remote attacker may be able to cause a denial of service Description: This issue was addressed with improved checks. CVE-2020-8037: an anonymous researcher Time Machine Available for: macOS Catalina Impact: A local attacker may be able to elevate their privileges Description: The issue was addressed with improved permissions logic. CVE-2021-1839: Tim Michaud(@TimGMichaud) of Zoom Video Communications and Gary Nield of ECSC Group plc Wi-Fi Available for: macOS Catalina Impact: An application may be able to cause unexpected system termination or write kernel memory Description: A memory corruption issue was addressed with improved validation. CVE-2021-1828: Zuozhi Fan (@pattern_F_) of Ant Group Tianqiong Security Lab wifivelocityd Available for: macOS Catalina Impact: An application may be able to execute arbitrary code with system privileges Description: The issue was addressed with improved permissions logic. CVE-2020-3838: Dayton Pidhirney (@_watbulb) Windows Server Available for: macOS Catalina Impact: A malicious application may be able to unexpectedly leak a user's credentials from secure text fields Description: An API issue in Accessibility TCC permissions was addressed with improved state management. CVE-2021-1873: an anonymous researcher Installation note: This update may be obtained from the Mac App Store or Apple's Software Downloads web site: https://support.apple.com/downloads/ Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ - -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEbURczHs1TP07VIfuZcsbuWJ6jjAFAmCHO1YACgkQZcsbuWJ6 jjBNDA//cITX6Bzw+4rkTd58ZQ+2P60B30bvuMWuNmXDEyIHZz0ZMDX7Wymm9SBC GLQ9mh9XY10/11NjdAiHZIs8BTs18CcOpjODbRTuF7d/plL6eUcsSLVbkC9hoyJF IOAEawLoqye7f+hlsCbC00NzLlAtsR5PjkqwCTGjGBw8G8qPbLFvh72Qwagr/G05 zeEg3fRM+lecFHUZzXVkdW2WiQ6aO2ejKkhdhSCATnj+xZF1wEz/Wjb3oLQ3qOvq i8lQg7Vcr64uF0HGCKPBmbINc7yM/ChZjs5oEyxdMc1/rxvU30nSvEc17LsVMIvM ZJxnjhBjcTi36gL8pM8Lfh57+AG0L/EwVe6onjC7yBneEbfk5dUYuglcAB2uJwgj V47KS0+5X9bwi33JmI/OpaaVRVCqJBO+iiZQnuQFAFFcC/F2fu6g8uKg8Vo/kg/I d4ypBrAsybJKZvMUVKBAWb9tS0JlVKpYurl89n9F2N47BkotP4AwDsmTTFZguiG+ sfRL+uAB2xy46VvLTNx71HeFTltc7wmlZOORx7MJ4bcYI/ibJbOq612Q7GyiADeP cKKpi4snPxv0mOiIsc4dE91RiUWfAUBmw+469EH3IWFQYMpuDtCmQPlHkrTmYu2K gn1q0sLR6LAX/l9uQxGaSarW2ZXmrj4/dpsfmnRYS8zDDQw/0JQ= =c954 - -----END PGP SIGNATURE----- - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBYIecm+NLKJtyKPYoAQjgMw//Z9hI/G7obJ7sbczXaQ131MfONIwA76AN VmqvqFkqO8BRIEjqRHDOZDb32EDl+sYIlpQzALN3ObGbe5bn5KWs3YtIQL8dC3JM 0Vfi3mD5rE2YhUAbjSdyUy7mgTqWKTC9rWCOcpUs7AeqqU0eZiI1gkgiukUJiNXD mHqwefBK5vg8Y4qBHi+7PC/gfO7oGT5rPTImGhZUCcxM9FXQpIYw/UrruUAL9pir Sj7fhY8FhawsyCZnvZ6L40uRA9YTUuk9HY2F9jNWvPvxI4GXiXuKEHB6IWn3f0z7 AUWCnsuWOVBxl9OMtsx27eG2lwlmQM1/n3Ly+YhX4p9yn2myieO/+/Dk9Cgw4YxC 5/Uv20DiGT8/YFDrvGeNpEW4P+DkLRo4x8xF5nspNsBbXzifYwXF/P46ysmUus+C 5SDEfuNENuTGldy/L8fjqFC3It5jrD1I0sRnKldK5MXLZ3JL8RZ2nn2tnhqpq/NY 0aEqk+2gJ47ehn5ssY9VEApfw9JGsHNoWgoyKZbpz2FZhcM6sd0zEBqd9F5M+QQj 6hNyT1dm/Dg+spLKL6PzC5fvQ4mOY2F23YGFyH8oRTwOOxesSyDG/6BepkrEfOpd yk6rXnoDvlc57s/yCGpFHbqldVsT1FUwXKlMD+j66JH+kn34l23S26Me344JvgAD 12l7m0cI/l0= =JXMY -----END PGP SIGNATURE-----