Apple Security Advisory 2021-04-26-4 - Security Update 2021-003 Mojave addresses buffer overflow, code execution, denial of service, double free, integer overflow, out of bounds read, out of bounds write, and use-after-free vulnerabilities.
085c6075d838947dd67d434b7dca655198a676e3fba244100c6a5b22d8c8e963
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
APPLE-SA-2021-04-26-4 Security Update 2021-003 Mojave
Security Update 2021-003 Mojave addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT212327.
APFS
Available for: macOS Mojave
Impact: A local user may be able to read arbitrary files
Description: The issue was addressed with improved permissions logic.
CVE-2021-1797: Thomas Tempelmann
Audio
Available for: macOS Mojave
Impact: An application may be able to read restricted memory
Description: A memory corruption issue was addressed with improved
validation.
CVE-2021-1808: JunDong Xie of Ant Security Light-Year Lab
CFNetwork
Available for: macOS Mojave
Impact: Processing maliciously crafted web content may disclose
sensitive user information
Description: A memory initialization issue was addressed with
improved memory handling.
CVE-2021-1857: an anonymous researcher
CoreAudio
Available for: macOS Mojave
Impact: A malicious application may be able to read restricted memory
Description: A memory corruption issue was addressed with improved
validation.
CVE-2021-1809: JunDong Xie of Ant Security Light-Year Lab
CoreGraphics
Available for: macOS Mojave
Impact: Opening a maliciously crafted file may lead to unexpected
application termination or arbitrary code execution
Description: A memory corruption issue was addressed with improved
validation.
CVE-2021-1847: Xuwei Liu of Purdue University
CoreText
Available for: macOS Mojave
Impact: Processing a maliciously crafted font may result in the
disclosure of process memory
Description: A logic issue was addressed with improved state
management.
CVE-2021-1811: Xingwei Lin of Ant Security Light-Year Lab
curl
Available for: macOS Mojave
Impact: A remote attacker may be able to cause a denial of service
Description: A buffer overflow was addressed with improved input
validation.
CVE-2020-8285: xnynx
curl
Available for: macOS Mojave
Impact: An attacker may provide a fraudulent OCSP response that would
appear valid
Description: This issue was addressed with improved checks.
CVE-2020-8286: an anonymous researcher
DiskArbitration
Available for: macOS Mojave
Impact: A malicious application may be able to modify protected parts
of the file system
Description: A permissions issue existed in DiskArbitration. This was
addressed with additional ownership checks.
CVE-2021-1784: Csaba Fitzl (@theevilbit) of Offensive Security, an
anonymous researcher, and Mikko Kenttälä (@Turmio_) of SensorFu
FontParser
Available for: macOS Mojave
Impact: Processing a maliciously crafted font file may lead to
arbitrary code execution
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2021-1881: Hou JingYi (@hjy79425575) of Qihoo 360, an anonymous
researcher, Xingwei Lin of Ant Security Light-Year Lab, and Mickey
Jin of Trend Micro
FontParser
Available for: macOS Mojave
Impact: Processing a maliciously crafted font file may lead to
arbitrary code execution
Description: A logic issue was addressed with improved state
management.
CVE-2020-27942: an anonymous researcher
Foundation
Available for: macOS Mojave
Impact: A malicious application may be able to gain root privileges
Description: A validation issue was addressed with improved logic.
CVE-2021-1813: Cees Elzinga
ImageIO
Available for: macOS Mojave
Impact: Processing a maliciously crafted image may lead to arbitrary
code execution
Description: This issue was addressed with improved checks.
CVE-2021-1843: Ye Zhang of Baidu Security
Intel Graphics Driver
Available for: macOS Mojave
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: An out-of-bounds write was addressed with improved input
validation.
CVE-2021-1805: ABC Research s.r.o. working with Trend Micro Zero Day
Initiative
Intel Graphics Driver
Available for: macOS Mojave
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A race condition was addressed with additional
validation.
CVE-2021-1806: ABC Research s.r.o. working with Trend Micro Zero Day
Initiative
Intel Graphics Driver
Available for: macOS Mojave
Impact: A malicious application may be able to execute arbitrary code
with kernel privileges
Description: An out-of-bounds write issue was addressed with improved
bounds checking.
CVE-2021-1834: ABC Research s.r.o. working with Trend Micro Zero Day
Initiative
Kernel
Available for: macOS Mojave
Impact: A malicious application may be able to disclose kernel memory
Description: A memory initialization issue was addressed with
improved memory handling.
CVE-2021-1860: @0xalsr
Kernel
Available for: macOS Mojave
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A logic issue was addressed with improved state
management.
CVE-2021-1851: @0xalsr
Kernel
Available for: macOS Mojave
Impact: A local attacker may be able to elevate their privileges
Description: A memory corruption issue was addressed with improved
validation.
CVE-2021-1840: Zuozhi Fan (@pattern_F_) of Ant Group Tianqiong
Security Lab
libxpc
Available for: macOS Mojave
Impact: A malicious application may be able to gain root privileges
Description: A race condition was addressed with additional
validation.
CVE-2021-30652: James Hutchins
libxslt
Available for: macOS Mojave
Impact: Processing a maliciously crafted file may lead to heap
corruption
Description: A double free issue was addressed with improved memory
management.
CVE-2021-1875: Found by OSS-Fuzz
NSRemoteView
Available for: macOS Mojave
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A use after free issue was addressed with improved
memory management.
CVE-2021-1876: Matthew Denton of Google Chrome
Preferences
Available for: macOS Mojave
Impact: A local user may be able to modify protected parts of the
file system
Description: A parsing issue in the handling of directory paths was
addressed with improved path validation.
CVE-2021-1739: Zhipeng Huo (@R3dF09) and Yuebin Sun (@yuebinsun2020)
of Tencent Security Xuanwu Lab (xlab.tencent.com)
smbx
Available for: macOS Mojave
Impact: An attacker in a privileged network position may be able to
leak sensitive user information
Description: An integer overflow was addressed with improved input
validation.
CVE-2021-1878: Aleksandar Nikolic of Cisco Talos
(talosintelligence.com)
Tailspin
Available for: macOS Mojave
Impact: A local attacker may be able to elevate their privileges
Description: A logic issue was addressed with improved state
management.
CVE-2021-1868: Tim Michaud of Zoom Communications
tcpdump
Available for: macOS Mojave
Impact: A remote attacker may be able to cause a denial of service
Description: This issue was addressed with improved checks.
CVE-2020-8037: an anonymous researcher
Time Machine
Available for: macOS Mojave
Impact: A local attacker may be able to elevate their privileges
Description: The issue was addressed with improved permissions logic.
CVE-2021-1839: Tim Michaud(@TimGMichaud) of Zoom Video Communications
and Gary Nield of ECSC Group plc
Wi-Fi
Available for: macOS Mojave
Impact: An application may be able to cause unexpected system
termination or write kernel memory
Description: A memory corruption issue was addressed with improved
validation.
CVE-2021-1828: Zuozhi Fan (@pattern_F_) of Ant Group Tianqiong
Security Lab
wifivelocityd
Available for: macOS Mojave
Impact: An application may be able to execute arbitrary code with
system privileges
Description: The issue was addressed with improved permissions logic.
CVE-2020-3838: Dayton Pidhirney (@_watbulb)
Windows Server
Available for: macOS Mojave
Impact: A malicious application may be able to unexpectedly leak a
user's credentials from secure text fields
Description: An API issue in Accessibility TCC permissions was
addressed with improved state management.
CVE-2021-1873: an anonymous researcher
Installation note:
This update may be obtained from the Mac App Store or
Apple's Software Downloads web site:
https://support.apple.com/downloads/
Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEbURczHs1TP07VIfuZcsbuWJ6jjAFAmCHO2EACgkQZcsbuWJ6
jjBHBhAAmHYbcREaaxOXQwrb56He+ool1GyXUCGknHRnEO6Ik0nyE/GeUPuv8Y/Q
/ywr188mv3ehtjFlXWpHtqwOn0KoNlAlcE+jy9r3QGTxNmBM2z30FeC0wiYYEi7s
I5xWkZIcnO1jq2CMGVHHfbLhyLnkWblwWvCOWriCRzbTocEWgEqwrh/uguTVRWB4
oVo8+uHcdiS2gqS0LIMbbvP6SGkfPwVlL8Mr/e96xdditiRbZX01GkAm0l5ezYHt
xrs8378fmQK3su4dHrkHpFpTmT3Yib8Jtotat8cgu6lWxLGEFR5kOye4QIjFCl/a
UhnR52nlMyYlh4anbqUs7PAh2QDVa3scaRfGTdAogPfaZIAhaaiuj8qXUOsAxEhk
rf0TOXmgCDfhuaA08Ys43sgUgunPLOa2+jMT4VspLZxDTkWLDrGFjlM4P5643WrT
ITAKLoqq8SOhce6gd3VECvG+EK/fBWrdwzsVDzfxU3yW3kSCKxX25KcRePwJZAAu
s1ZZpIZdY7rmi1DwafNSig2dncjUZJy6AhiI5w6cpQzBOQVioU8oac2JDi1X2Rn1
k/D3VQfmYas7HGqUSwx3MUx+yybktm+8Ogo+vtcRKCzUF5t13bwpyAda0mJ62c6L
I/ISWomRdC4XX3AQL5EJLzO9slpOBqWsbQb0cULdt+mb4H+nLDE=
=NZ77
-----END PGP SIGNATURE-----