cve-2021-30983
Vulnerability from cvelistv5
Published
2021-08-24 18:51
Modified
2024-08-03 22:48
Severity
Summary
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 15.2 and iPadOS 15.2. An application may be able to execute arbitrary code with kernel privileges.
References
Source | URL | Tags |
---|---|---|
product-security@apple.com | https://support.apple.com/en-us/HT212976 | Release Notes, Vendor Advisory |
Impacted products
Vendor | Product |
---|---|
Apple | iOS and iPadOS |
CISA Known exploited vulnerability
Data from the Known Exploited Vulnerabilities Catalog
Date added: 2022-06-27
Due date: 2022-07-18
Required action: Apply updates per vendor instructions.
Used in ransomware: Unknown
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T22:48:14.291Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://support.apple.com/en-us/HT212976" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "iOS and iPadOS", "vendor": "Apple", "versions": [ { "lessThan": "15.2", "status": "affected", "version": "unspecified", "versionType": "custom" } ] } ], "descriptions": [ { "lang": "en", "value": "A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 15.2 and iPadOS 15.2. An application may be able to execute arbitrary code with kernel privileges." } ], "problemTypes": [ { "descriptions": [ { "description": "An application may be able to execute arbitrary code with kernel privileges", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-12-23T20:06:42", "orgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "shortName": "apple" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://support.apple.com/en-us/HT212976" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "product-security@apple.com", "ID": "CVE-2021-30983", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "iOS and iPadOS", "version": { "version_data": [ { "version_affected": "\u003c", "version_value": "15.2" } ] } } ] }, "vendor_name": "Apple" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 15.2 and iPadOS 15.2. An application may be able to execute arbitrary code with kernel privileges." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "An application may be able to execute arbitrary code with kernel privileges" } ] } ] }, "references": { "reference_data": [ { "name": "https://support.apple.com/en-us/HT212976", "refsource": "MISC", "url": "https://support.apple.com/en-us/HT212976" } ] } } } }, "cveMetadata": { "assignerOrgId": "286789f9-fbc2-4510-9f9a-43facdede74c", "assignerShortName": "apple", "cveId": "CVE-2021-30983", "datePublished": "2021-08-24T18:51:21", "dateReserved": "2021-04-13T00:00:00", "dateUpdated": "2024-08-03T22:48:14.291Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "meta": { "cisa_known_exploited": { "cveID": "CVE-2021-30983", "dateAdded": "2022-06-27", "dueDate": "2022-07-18", "knownRansomwareCampaignUse": "Unknown", "notes": "", "product": "iOS and iPadOS", "requiredAction": "Apply updates per vendor instructions.", "shortDescription": "Apple iOS and iPadOS contain a buffer overflow vulnerability that could allow an application to execute code with kernel privileges.", "vendorProject": "Apple", "vulnerabilityName": "Apple iOS and iPadOS Buffer Overflow Vulnerability" }, "nvd": "{\"cve\":{\"id\":\"CVE-2021-30983\",\"sourceIdentifier\":\"product-security@apple.com\",\"published\":\"2021-08-24T19:15:23.507\",\"lastModified\":\"2024-06-28T14:13:38.343\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"cisaExploitAdd\":\"2022-06-27\",\"cisaActionDue\":\"2022-07-18\",\"cisaRequiredAction\":\"Apply updates per vendor instructions.\",\"cisaVulnerabilityName\":\"Apple iOS and iPadOS Buffer Overflow Vulnerability\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 15.2 and iPadOS 15.2. An application may be able to execute arbitrary code with kernel privileges.\"},{\"lang\":\"es\",\"value\":\"Se solucion\u00f3 un problema de desbordamiento del b\u00fafer con una administraci\u00f3n de la memoria mejorada.\u0026#xa0;Este problema se solucion\u00f3 en iOS versi\u00f3n 15.2 e iPadOS versi\u00f3n 15.2.\u0026#xa0;Una aplicaci\u00f3n puede ejecutar c\u00f3digo arbitrario con privilegios del kernel\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:C/I:C/A:C\",\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\",\"baseScore\":9.3},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":8.6,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-120\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"15.2\",\"matchCriteriaId\":\"CCE4E546-A0DD-4E9E-A6B9-C19B04D77466\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"15.2\",\"matchCriteriaId\":\"7FB904C1-43D1-4583-8729-5D1B1746A54C\"}]}]}],\"references\":[{\"url\":\"https://support.apple.com/en-us/HT212976\",\"source\":\"product-security@apple.com\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]}]}}" } }
Loading...