===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2021.2492
                      Security Update 2021-005 Mojave
                               22 July 2021

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           Mojave
Publisher:         Apple
Operating System:  Mac OS
Impact/Access:     Root Compromise                 -- Existing Account
                   Execute Arbitrary Code/Commands -- Remote with User Interaction
                   Denial of Service               -- Remote with User Interaction
                   Access Confidential Data        -- Remote with User Interaction
                   Unauthorised Access             -- Remote with User Interaction
Resolution:        Patch/Upgrade
CVE Names:         CVE-2021-30805 CVE-2021-30799 CVE-2021-30796
                   CVE-2021-30793 CVE-2021-30790 CVE-2021-30788
                   CVE-2021-30787 CVE-2021-30783 CVE-2021-30782
                   CVE-2021-30781 CVE-2021-30780 CVE-2021-30777
                   CVE-2021-30766 CVE-2021-30765 CVE-2021-30760
                   CVE-2021-30759 CVE-2021-30733 CVE-2021-30703
                   CVE-2021-30677 CVE-2021-30672

Reference:         ESB-2021.1797
                   ESB-2021.1796
                   ESB-2021.1794

Original Bulletin:
   https://support.apple.com/HT212603

--------------------------BEGIN INCLUDED TEXT--------------------

APPLE-SA-2021-07-21-4 Security Update 2021-005 Mojave

Security Update 2021-005 Mojave addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT212603.

AMD Kernel
Available for: macOS Mojave
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
input validation.
CVE-2021-30805: ABC Research s.r.o

AppKit
Available for: macOS Mojave
Impact: Opening a maliciously crafted file may lead to unexpected
application termination or arbitrary code execution
Description: An information disclosure issue was addressed by
removing the vulnerable code.
CVE-2021-30790: hjy79425575 working with Trend Micro Zero Day
Initiative

Audio
Available for: macOS Mojave
Impact: A local attacker may be able to cause unexpected application
termination or arbitrary code execution
Description: This issue was addressed with improved checks.
CVE-2021-30781: tr3e

Bluetooth
Available for: macOS Mojave
Impact: A malicious application may be able to gain root privileges
Description: A memory corruption issue was addressed with improved
state management.
CVE-2021-30672: say2 of ENKI

CoreStorage
Available for: macOS Mojave
Impact: A malicious application may be able to gain root privileges
Description: An injection issue was addressed with improved
validation.
CVE-2021-30777: Tim Michaud(@TimGMichaud) of Zoom Video
Communications and Gary Nield of ECSC Group plc

CoreText
Available for: macOS Mojave
Impact: Processing a maliciously crafted font may result in the
disclosure of process memory
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2021-30733: Sunglin from the Knownsec 404

CVMS
Available for: macOS Mojave
Impact: A malicious application may be able to gain root privileges
Description: An out-of-bounds write issue was addressed with improved
bounds checking.
CVE-2021-30780: Tim Michaud(@TimGMichaud) of Zoom Video
Communications

FontParser
Available for: macOS Mojave
Impact: Processing a maliciously crafted font file may lead to
arbitrary code execution
Description: An integer overflow was addressed through improved input
validation.
CVE-2021-30760: Sunglin of Knownsec 404 team

FontParser
Available for: macOS Mojave
Impact: Processing a maliciously crafted font file may lead to
arbitrary code execution
Description: A stack overflow was addressed with improved input
validation.
CVE-2021-30759: hjy79425575 working with Trend Micro Zero Day
Initiative

FontParser
Available for: macOS Mojave
Impact: Processing a maliciously crafted tiff file may lead to a
denial-of-service or potentially disclose memory contents
Description: This issue was addressed with improved checks.
CVE-2021-30788: tr3e working with Trend Micro Zero Day Initiative

Intel Graphics Driver
Available for: macOS Mojave
Impact: An application may be able to cause unexpected system
termination or write kernel memory
Description: This issue was addressed with improved checks.
CVE-2021-30787: Anonymous working with Trend Micro Zero Day
Initiative

Intel Graphics Driver
Available for: macOS Mojave
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: An out-of-bounds write was addressed with improved input
validation.
CVE-2021-30765: Liu Long of Ant Security Light-Year Lab
CVE-2021-30766: Liu Long of Ant Security Light-Year Lab

Kernel
Available for: macOS Mojave
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A double free issue was addressed with improved memory
management.
CVE-2021-30703: an anonymous researcher

Kernel
Available for: macOS Mojave
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A logic issue was addressed with improved state
management.
CVE-2021-30793: Zuozhi Fan (@pattern_F_) of Ant Security TianQiong
Lab

LaunchServices
Available for: macOS Mojave
Impact: A malicious application may be able to break out of its
sandbox
Description: This issue was addressed with improved environment
sanitization.
CVE-2021-30677: Ron Waisberg (@epsilan)

LaunchServices
Available for: macOS Mojave
Impact: A sandboxed process may be able to circumvent sandbox
restrictions
Description: An access issue was addressed with improved access
restrictions.
CVE-2021-30783: Ron Waisberg (@epsilan)

Model I/O
Available for: macOS Mojave
Impact: Processing a maliciously crafted image may lead to a denial
of service
Description: A logic issue was addressed with improved validation.
CVE-2021-30796: Mickey Jin (@patch1t) of Trend Micro

Sandbox
Available for: macOS Mojave
Impact: A malicious application may be able to access restricted
files
Description: This issue was addressed with improved checks.
CVE-2021-30782: Csaba Fitzl (@theevilbit) of Offensive Security

WebKit
Available for: macOS Mojave
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed with
improved memory handling.
CVE-2021-30799: Sergei Glazunov of Google Project Zero

Additional recognition

configd
We would like to acknowledge Csaba Fitzl (@theevilbit) of Offensive
Security for their assistance.

CoreServices
We would like to acknowledge Zhongcheng Li (CK01) for their
assistance.

CoreText
We would like to acknowledge Mickey Jin (@patch1t) of Trend Micro for
their assistance.

crontabs
We would like to acknowledge Csaba Fitzl (@theevilbit) of Offensive
Security for their assistance.

IOKit
We would like to acknowledge George Nosenko for their assistance.

Spotlight
We would like to acknowledge Csaba Fitzl (@theevilbit) of Offensive
Security for their assistance.

Installation note:

This update may be obtained from the Mac App Store or
Apple's Software Downloads web site:
https://support.apple.com/downloads/

Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222

This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/

--------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content.
The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================