cve-2021-30916
Vulnerability from cvelistv5
Published
2021-08-24 18:50
Modified
2024-08-03 22:48
Severity
Summary
A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 15.1 and iPadOS 15.1, macOS Monterey 12.0.1, iOS 14.8.1 and iPadOS 14.8.1, Security Update 2021-007 Catalina, macOS Big Sur 11.6.1. A malicious application may be able to execute arbitrary code with kernel privileges.
References
Impacted products
| Vendor | Product |
|---|---|
| Apple | iOS and iPadOS |
| Apple | iOS and iPadOS |
| Apple | macOS |
| Apple | macOS |
| Apple | macOS |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T22:48:14.042Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT212869"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT212871"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT212872"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT212867"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.apple.com/en-us/HT212868"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT212975"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/kb/HT212980"
},
{
"name": "20211217 APPLE-SA-2021-12-15-5 tvOS 15.2",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2021/Dec/43"
},
{
"name": "20211217 APPLE-SA-2021-12-15-6 watchOS 8.3",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2021/Dec/44"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "iOS and iPadOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "15.1",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "iOS and iPadOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "14.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "12.0",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "2021",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "macOS",
"vendor": "Apple",
"versions": [
{
"lessThan": "11.6",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 15.1 and iPadOS 15.1, macOS Monterey 12.0.1, iOS 14.8.1 and iPadOS 14.8.1, Security Update 2021-007 Catalina, macOS Big Sur 11.6.1. A malicious application may be able to execute arbitrary code with kernel privileges."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "A malicious application may be able to execute arbitrary code with kernel privileges",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-12-17T19:06:21",
"orgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"shortName": "apple"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/en-us/HT212869"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/en-us/HT212871"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/en-us/HT212872"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/en-us/HT212867"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.apple.com/en-us/HT212868"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/kb/HT212975"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/kb/HT212980"
},
{
"name": "20211217 APPLE-SA-2021-12-15-5 tvOS 15.2",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2021/Dec/43"
},
{
"name": "20211217 APPLE-SA-2021-12-15-6 watchOS 8.3",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2021/Dec/44"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@apple.com",
"ID": "CVE-2021-30916",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "iOS and iPadOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "15.1"
}
]
}
},
{
"product_name": "iOS and iPadOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "14.8"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "12.0"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "2021"
}
]
}
},
{
"product_name": "macOS",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "11.6"
}
]
}
}
]
},
"vendor_name": "Apple"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 15.1 and iPadOS 15.1, macOS Monterey 12.0.1, iOS 14.8.1 and iPadOS 14.8.1, Security Update 2021-007 Catalina, macOS Big Sur 11.6.1. A malicious application may be able to execute arbitrary code with kernel privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "A malicious application may be able to execute arbitrary code with kernel privileges"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.apple.com/en-us/HT212869",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT212869"
},
{
"name": "https://support.apple.com/en-us/HT212871",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT212871"
},
{
"name": "https://support.apple.com/en-us/HT212872",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT212872"
},
{
"name": "https://support.apple.com/en-us/HT212867",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT212867"
},
{
"name": "https://support.apple.com/en-us/HT212868",
"refsource": "MISC",
"url": "https://support.apple.com/en-us/HT212868"
},
{
"name": "https://support.apple.com/kb/HT212975",
"refsource": "CONFIRM",
"url": "https://support.apple.com/kb/HT212975"
},
{
"name": "https://support.apple.com/kb/HT212980",
"refsource": "CONFIRM",
"url": "https://support.apple.com/kb/HT212980"
},
{
"name": "20211217 APPLE-SA-2021-12-15-5 tvOS 15.2",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2021/Dec/43"
},
{
"name": "20211217 APPLE-SA-2021-12-15-6 watchOS 8.3",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2021/Dec/44"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c",
"assignerShortName": "apple",
"cveId": "CVE-2021-30916",
"datePublished": "2021-08-24T18:50:19",
"dateReserved": "2021-04-13T00:00:00",
"dateUpdated": "2024-08-03T22:48:14.042Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2021-30916\",\"sourceIdentifier\":\"product-security@apple.com\",\"published\":\"2021-08-24T19:15:19.297\",\"lastModified\":\"2023-11-07T03:33:50.713\",\"vulnStatus\":\"Modified\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 15.1 and iPadOS 15.1, macOS Monterey 12.0.1, iOS 14.8.1 and iPadOS 14.8.1, Security Update 2021-007 Catalina, macOS Big Sur 11.6.1. A malicious application may be able to execute arbitrary code with kernel privileges.\"},{\"lang\":\"es\",\"value\":\"Se abord\u00f3 un problema de corrupci\u00f3n de memoria con un manejo de memoria mejorada. Este problema se corrigi\u00f3 en iOS versi\u00f3n 15.1 y iPadOS versi\u00f3n 15.1, macOS Monterey versi\u00f3n 12.0.1, iOS versi\u00f3n 14.8.1 y iPadOS versi\u00f3n 14.8.1, Security Update 2021-007 Catalina, macOS Big Sur versi\u00f3n 11.6.1. Una aplicaci\u00f3n maliciosa puede ser capaz de ejecutar c\u00f3digo arbitrario con privilegios del kernel\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:C/I:C/A:C\",\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\",\"baseScore\":9.3},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":8.6,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-787\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:ipad_os:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"14.8.1\",\"matchCriteriaId\":\"A9DB9916-6DA1-4A32-86A2-AD8DC5246709\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:ipados:15.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6361C54F-4F5D-4624-8A1F-69DBC6AD4A69\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"14.8.1\",\"matchCriteriaId\":\"54888682-EF77-4F2A-B07F-AA86B0C65717\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:iphone_os:15.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A332DEC8-FB74-404E-BE6A-46DB0DEDAA59\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.15.7\",\"matchCriteriaId\":\"EF8C1CB5-DACB-449C-9E07-E477142C589F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.15.7:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"A654B8A2-FC30-4171-B0BB-366CD7ED4B6A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-001:*:*:*:*:*:*\",\"matchCriteriaId\":\"F1F4BF7F-90D4-4668-B4E6-B06F4070F448\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-001:*:*:*:*:*:*\",\"matchCriteriaId\":\"0F441A43-1669-478D-9EC8-E96882DE4F9F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-002:*:*:*:*:*:*\",\"matchCriteriaId\":\"D425C653-37A2-448C-BF2F-B684ADB08A26\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-003:*:*:*:*:*:*\",\"matchCriteriaId\":\"A54D63B7-B92B-47C3-B1C5-9892E5873A98\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-004:*:*:*:*:*:*\",\"matchCriteriaId\":\"3456176F-9185-4EE2-A8CE-3D989D674AB7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-005:*:*:*:*:*:*\",\"matchCriteriaId\":\"D337EE21-2F00-484D-9285-F2B0248D7A19\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-006:*:*:*:*:*:*\",\"matchCriteriaId\":\"012052B5-9AA7-4FD3-9C80-5F615330039D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:10.15.7:supplemental_update:*:*:*:*:*:*\",\"matchCriteriaId\":\"C1C795B9-E58D-467C-83A8-2D45C792292F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.0\",\"versionEndExcluding\":\"11.6.1\",\"matchCriteriaId\":\"3ADD7C81-7CB2-4505-ACA0-9EC193E347D1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:macos:12.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1974DC5F-8F37-4582-B597-E58C94189193\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:tvos:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"15.2\",\"matchCriteriaId\":\"16CAE2FB-FADC-4BF4-9115-D20D365051BF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:watchos:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"8.3\",\"matchCriteriaId\":\"7A7245FB-6FBE-4C09-80F5-18504CA623B3\"}]}]}],\"references\":[{\"url\":\"http://seclists.org/fulldisclosure/2021/Dec/43\",\"source\":\"product-security@apple.com\"},{\"url\":\"http://seclists.org/fulldisclosure/2021/Dec/44\",\"source\":\"product-security@apple.com\"},{\"url\":\"https://support.apple.com/en-us/HT212867\",\"source\":\"product-security@apple.com\"},{\"url\":\"https://support.apple.com/en-us/HT212868\",\"source\":\"product-security@apple.com\"},{\"url\":\"https://support.apple.com/en-us/HT212869\",\"source\":\"product-security@apple.com\"},{\"url\":\"https://support.apple.com/en-us/HT212871\",\"source\":\"product-security@apple.com\"},{\"url\":\"https://support.apple.com/en-us/HT212872\",\"source\":\"product-security@apple.com\"},{\"url\":\"https://support.apple.com/kb/HT212975\",\"source\":\"product-security@apple.com\"},{\"url\":\"https://support.apple.com/kb/HT212980\",\"source\":\"product-security@apple.com\"}]}}"
}
}
Loading...