ID

VAR-202104-0620


CVE

CVE-2021-1797


TITLE

Apple macOS Security hole

Trust: 0.6

sources: CNNVD: CNNVD-202102-079

DESCRIPTION

The issue was addressed with improved permissions logic. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. A local user may be able to read arbitrary files.

Apple macOS is a set of dedicated operating systems developed by Apple Corporation for Mac computers. A security vulnerability exists in Apple macOS due to applications not properly imposing security restrictions within the APFS component of macOS. Vulnerabilities exist in the following products or versions: macOS 11.0, macOS 11.0.1, macOS 11.1.

Information about the security content is also available at https://support.apple.com/HT212327.

CVE-2021-1797: Thomas Tempelmann

Audio
Available for: macOS Mojave
Impact: An application may be able to read restricted memory
Description: A memory corruption issue was addressed with improved validation.
CVE-2021-1808: JunDong Xie of Ant Security Light-Year Lab

CFNetwork
Available for: macOS Mojave
Impact: Processing maliciously crafted web content may disclose sensitive user information
Description: A memory initialization issue was addressed with improved memory handling.
CVE-2021-1857: an anonymous researcher

CoreAudio
Available for: macOS Mojave
Impact: A malicious application may be able to read restricted memory
Description: A memory corruption issue was addressed with improved validation.
CVE-2021-1809: JunDong Xie of Ant Security Light-Year Lab

CoreGraphics
Available for: macOS Mojave
Impact: Opening a maliciously crafted file may lead to unexpected application termination or arbitrary code execution
Description: A memory corruption issue was addressed with improved validation.
CVE-2021-1847: Xuwei Liu of Purdue University

CoreText
Available for: macOS Mojave
Impact: Processing a maliciously crafted font may result in the disclosure of process memory
Description: A logic issue was addressed with improved state management.
CVE-2021-1811: Xingwei Lin of Ant Security Light-Year Lab

curl
Available for: macOS Mojave
Impact: A remote attacker may be able to cause a denial of service
Description: A buffer overflow was addressed with improved input validation.
CVE-2020-8285: xnynx

curl
Available for: macOS Mojave
Impact: An attacker may provide a fraudulent OCSP response that would appear valid
Description: This issue was addressed with improved checks.
CVE-2020-8286: an anonymous researcher

DiskArbitration
Available for: macOS Mojave
Impact: A malicious application may be able to modify protected parts of the file system
Description: A permissions issue existed in DiskArbitration. This was addressed with additional ownership checks.
CVE-2021-1784: Csaba Fitzl (@theevilbit) of Offensive Security, an anonymous researcher, and Mikko Kenttälä (@Turmio_) of SensorFu

FontParser
Available for: macOS Mojave
Impact: Processing a maliciously crafted font file may lead to arbitrary code execution
Description: An out-of-bounds read was addressed with improved input validation.
CVE-2021-1881: Hou JingYi (@hjy79425575) of Qihoo 360, an anonymous researcher, Xingwei Lin of Ant Security Light-Year Lab, and Mickey Jin of Trend Micro

FontParser
Available for: macOS Mojave
Impact: Processing a maliciously crafted font file may lead to arbitrary code execution
Description: A logic issue was addressed with improved state management.
CVE-2020-27942: an anonymous researcher

Foundation
Available for: macOS Mojave
Impact: A malicious application may be able to gain root privileges
Description: A validation issue was addressed with improved logic.
CVE-2021-1813: Cees Elzinga

ImageIO
Available for: macOS Mojave
Impact: Processing a maliciously crafted image may lead to arbitrary code execution
Description: This issue was addressed with improved checks.
CVE-2021-1843: Ye Zhang of Baidu Security

Intel Graphics Driver
Available for: macOS Mojave
Impact: An application may be able to execute arbitrary code with kernel privileges
Description: An out-of-bounds write was addressed with improved input validation.
CVE-2021-1805: ABC Research s.r.o. working with Trend Micro Zero Day Initiative

Intel Graphics Driver
Available for: macOS Mojave
Impact: An application may be able to execute arbitrary code with kernel privileges
Description: A race condition was addressed with additional validation.
CVE-2021-1806: ABC Research s.r.o. working with Trend Micro Zero Day Initiative

Intel Graphics Driver
Available for: macOS Mojave
Impact: A malicious application may be able to execute arbitrary code with kernel privileges
Description: An out-of-bounds write issue was addressed with improved bounds checking.
CVE-2021-1834: ABC Research s.r.o. working with Trend Micro Zero Day Initiative

Kernel
Available for: macOS Mojave
Impact: A malicious application may be able to disclose kernel memory
Description: A memory initialization issue was addressed with improved memory handling.
CVE-2021-1860: @0xalsr

Kernel
Available for: macOS Mojave
Impact: An application may be able to execute arbitrary code with kernel privileges
Description: A logic issue was addressed with improved state management.
CVE-2021-1851: @0xalsr

Kernel
Available for: macOS Mojave
Impact: A local attacker may be able to elevate their privileges
Description: A memory corruption issue was addressed with improved validation.
CVE-2021-1840: Zuozhi Fan (@pattern_F_) of Ant Group Tianqiong Security Lab

libxpc
Available for: macOS Mojave
Impact: A malicious application may be able to gain root privileges
Description: A race condition was addressed with additional validation.
CVE-2021-30652: James Hutchins

libxslt
Available for: macOS Mojave
Impact: Processing a maliciously crafted file may lead to heap corruption
Description: A double free issue was addressed with improved memory management.
CVE-2021-1875: Found by OSS-Fuzz

NSRemoteView
Available for: macOS Mojave
Impact: Processing maliciously crafted web content may lead to arbitrary code execution
Description: A use after free issue was addressed with improved memory management.
CVE-2021-1876: Matthew Denton of Google Chrome

Preferences
Available for: macOS Mojave
Impact: A local user may be able to modify protected parts of the file system
Description: A parsing issue in the handling of directory paths was addressed with improved path validation.
CVE-2021-1739: Zhipeng Huo (@R3dF09) and Yuebin Sun (@yuebinsun2020) of Tencent Security Xuanwu Lab (xlab.tencent.com)

smbx
Available for: macOS Mojave
Impact: An attacker in a privileged network position may be able to leak sensitive user information
Description: An integer overflow was addressed with improved input validation.
CVE-2021-1878: Aleksandar Nikolic of Cisco Talos (talosintelligence.com)

Tailspin
Available for: macOS Mojave
Impact: A local attacker may be able to elevate their privileges
Description: A logic issue was addressed with improved state management.
CVE-2021-1868: Tim Michaud of Zoom Communications

tcpdump
Available for: macOS Mojave
Impact: A remote attacker may be able to cause a denial of service
Description: This issue was addressed with improved checks.
CVE-2020-8037: an anonymous researcher

Time Machine
Available for: macOS Mojave
Impact: A local attacker may be able to elevate their privileges
Description: The issue was addressed with improved permissions logic.
CVE-2021-1839: Tim Michaud (@TimGMichaud) of Zoom Video Communications and Gary Nield of ECSC Group plc

Wi-Fi
Available for: macOS Mojave
Impact: An application may be able to cause unexpected system termination or write kernel memory
Description: A memory corruption issue was addressed with improved validation.
CVE-2021-1828: Zuozhi Fan (@pattern_F_) of Ant Group Tianqiong Security Lab

wifivelocityd
Available for: macOS Mojave
Impact: An application may be able to execute arbitrary code with system privileges
Description: The issue was addressed with improved permissions logic.
CVE-2020-3838: Dayton Pidhirney (@_watbulb)

Windows Server
Available for: macOS Mojave
Impact: A malicious application may be able to unexpectedly leak a user's credentials from secure text fields
Description: An API issue in Accessibility TCC permissions was addressed with improved state management.
CVE-2021-1873: an anonymous researcher

Installation note:

This update may be obtained from the Mac App Store or Apple's Software Downloads web site: https://support.apple.com/downloads/

Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222

This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/

Trust: 1.26

sources: NVD: CVE-2021-1797 // VULHUB: VHN-376457 // VULMON: CVE-2021-1797 // PACKETSTORM: 162360 // PACKETSTORM: 162362

AFFECTED PRODUCTS

vendor: apple, model: tvos, scope: lt, version: 14.4

Trust: 1.0

vendor: apple, model: mac os x, scope: eq, version: 10.14.6

Trust: 1.0

vendor: apple, model: mac os x, scope: lt, version: 10.14.6

Trust: 1.0

vendor: apple, model: macos, scope: lt, version: 11.2

Trust: 1.0

vendor: apple, model: mac os x, scope: gte, version: 10.15

Trust: 1.0

vendor: apple, model: ipad os, scope: lt, version: 14.4

Trust: 1.0

vendor: apple, model: watchos, scope: lt, version: 7.3

Trust: 1.0

vendor: apple, model: macos, scope: gte, version: 11.0.1

Trust: 1.0

vendor: apple, model: mac os x, scope: eq, version: 10.15.7

Trust: 1.0

vendor: apple, model: mac os x, scope: lt, version: 10.15.7

Trust: 1.0

vendor: apple, model: iphone os, scope: lt, version: 14.4

Trust: 1.0

sources: NVD: CVE-2021-1797

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2021-1797
value: MEDIUM

Trust: 1.0

CNNVD: CNNVD-202102-079
value: MEDIUM

Trust: 0.6

VULHUB: VHN-376457
value: LOW

Trust: 0.1

VULMON: CVE-2021-1797
value: LOW

Trust: 0.1

nvd@nist.gov: CVE-2021-1797
severity: LOW
baseScore: 2.1
vectorString: AV:L/AC:L/AU:N/C:P/I:N/A:N
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.1

VULHUB: VHN-376457
severity: LOW
baseScore: 2.1
vectorString: AV:L/AC:L/AU:N/C:P/I:N/A:N
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2021-1797
baseSeverity: MEDIUM
baseScore: 5.5
vectorString: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 1.8
impactScore: 3.6
version: 3.1

Trust: 1.0

sources: VULHUB: VHN-376457 // VULMON: CVE-2021-1797 // CNNVD: CNNVD-202102-079 // NVD: CVE-2021-1797

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

sources: NVD: CVE-2021-1797

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202102-079

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202102-079

PATCH

title: Apple macOS Security vulnerabilities, url: http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=140291

Trust: 0.6

sources: CNNVD: CNNVD-202102-079

EXTERNAL IDS

db: NVD, id: CVE-2021-1797

Trust: 2.0

db: PACKETSTORM, id: 162360

Trust: 0.8

db: AUSCERT, id: ESB-2021.1416

Trust: 0.6

db: AUSCERT, id: ESB-2021.0354

Trust: 0.6

db: CNNVD, id: CNNVD-202102-079

Trust: 0.6

db: PACKETSTORM, id: 162362

Trust: 0.2

db: VULHUB, id: VHN-376457

Trust: 0.1

db: VULMON, id: CVE-2021-1797

Trust: 0.1

sources: VULHUB: VHN-376457 // VULMON: CVE-2021-1797 // PACKETSTORM: 162360 // PACKETSTORM: 162362 // CNNVD: CNNVD-202102-079 // NVD: CVE-2021-1797

REFERENCES

url:https://support.apple.com/kb/ht212326

Trust: 1.8

url:https://support.apple.com/kb/ht212327

Trust: 1.8

url:http://seclists.org/fulldisclosure/2021/apr/51

Trust: 1.8

url:https://support.apple.com/en-us/ht212146

Trust: 1.8

url:https://support.apple.com/en-us/ht212147

Trust: 1.8

url:https://support.apple.com/en-us/ht212148

Trust: 1.8

url:https://support.apple.com/en-us/ht212149

Trust: 1.8

url:https://nvd.nist.gov/vuln/detail/cve-2021-1797

Trust: 0.8

url:https://packetstormsecurity.com/files/162360/apple-security-advisory-2021-04-26-3.html

Trust: 0.6

url:https://vigilance.fr/vulnerability/apple-macos-multiple-vulnerabilities-34452

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.0354/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.1416

Trust: 0.6

url:https://support.apple.com/en-us/ht212327

Trust: 0.6

url:http://seclists.org/fulldisclosure/2021/apr/54

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-1860

Trust: 0.2

url:https://support.apple.com/kb/ht201222

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-1857

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-1813

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-1840

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-1876

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-1739

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-1851

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-1828

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-1809

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-1875

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-8037

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-1784

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-1847

Trust: 0.2

url:https://support.apple.com/downloads/

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-1843

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-27942

Trust: 0.2

url:https://www.apple.com/support/security/pgp/

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-1811

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-1839

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-3838

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-8285

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-1834

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-1873

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2020-8286

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-1808

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-1868

Trust: 0.2

url:https://cwe.mitre.org/data/definitions/.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://support.apple.com/ht212326.

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-1810

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-1824

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-1740

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-1878

Trust: 0.1

url:https://support.apple.com/ht212327.

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-1806

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-1805

Trust: 0.1

sources: VULHUB: VHN-376457 // VULMON: CVE-2021-1797 // PACKETSTORM: 162360 // PACKETSTORM: 162362 // CNNVD: CNNVD-202102-079 // NVD: CVE-2021-1797

CREDITS

Apple

Trust: 0.8

sources: PACKETSTORM: 162360 // PACKETSTORM: 162362 // CNNVD: CNNVD-202102-079

SOURCES

db: VULHUB, id: VHN-376457
db: VULMON, id: CVE-2021-1797
db: PACKETSTORM, id: 162360
db: PACKETSTORM, id: 162362
db: CNNVD, id: CNNVD-202102-079
db: NVD, id: CVE-2021-1797

LAST UPDATE DATE

2024-08-14T12:57:08.975000+00:00


SOURCES UPDATE DATE

db: VULHUB, id: VHN-376457, date: 2021-05-04T00:00:00
db: VULMON, id: CVE-2021-1797, date: 2021-05-04T00:00:00
db: CNNVD, id: CNNVD-202102-079, date: 2021-11-03T00:00:00
db: NVD, id: CVE-2021-1797, date: 2021-05-04T19:35:58.780

SOURCES RELEASE DATE

db: VULHUB, id: VHN-376457, date: 2021-04-02T00:00:00
db: VULMON, id: CVE-2021-1797, date: 2021-04-02T00:00:00
db: PACKETSTORM, id: 162360, date: 2021-04-28T14:58:36
db: PACKETSTORM, id: 162362, date: 2021-04-28T15:00:23
db: CNNVD, id: CNNVD-202102-079, date: 2021-02-02T00:00:00
db: NVD, id: CVE-2021-1797, date: 2021-04-02T19:15:19.520