ID

VAR-202108-1273


CVE

CVE-2021-30958


TITLE

Out-of-bounds read vulnerability in multiple Apple products

Trust: 0.8

sources: JVNDB: JVNDB-2021-021129

DESCRIPTION

An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.6.2, tvOS 15.2, macOS Monterey 12.1, Security Update 2021-008 Catalina, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Playing a malicious audio file may lead to arbitrary code execution. iPadOS , iOS , Apple Mac OS X Multiple Apple products contain out-of-bounds read vulnerabilities.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by the CVE program. Notes: none. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2021-12-15-1 iOS 15.2 and iPadOS 15.2 iOS 15.2 and iPadOS 15.2 addresses the following issues. Information about the security content is also available at https://support.apple.com/HT212976. Audio Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: Parsing a maliciously crafted audio file may lead to disclosure of user information Description: A buffer overflow issue was addressed with improved memory handling. CVE-2021-30960: JunDong Xie of Ant Security Light-Year Lab CFNetwork Proxies Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: User traffic might unexpectedly be leaked to a proxy server despite PAC configurations Description: A logic issue was addressed with improved state management. CVE-2021-30966: Michal Rajcan of Jamf, Matt Vlasach of Jamf (Wandera) ColorSync Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: A memory corruption issue in the processing of ICC profiles was addressed with improved input validation. CVE-2021-30926: Jeremy Brown CVE-2021-30942: Mateusz Jurczyk of Google Project Zero CoreAudio Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: Processing a maliciously crafted audio file may lead to arbitrary code execution Description: A buffer overflow issue was addressed with improved memory handling. CVE-2021-30957: JunDong Xie of Ant Security Light-Year Lab CoreAudio Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: Playing a malicious audio file may lead to arbitrary code execution Description: An out-of-bounds read was addressed with improved input validation. CVE-2021-30958: JunDong Xie of Ant Security Light-Year Lab Crash Reporter Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: A local attacker may be able to elevate their privileges Description: This issue was addressed with improved checks. CVE-2021-30945: Zhipeng Huo (@R3dF09) and Yuebin Sun (@yuebinsun2020) of Tencent Security Xuanwu Lab (xlab.tencent.com) FaceTime Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: A user in a FaceTime call may unexpectedly leak sensitive user information through Live Photos metadata Description: This issue was addressed with improved handling of file metadata. CVE-2021-30992: Aaron Raimist ImageIO Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2021-30939: Rui Yang and Xingwei Lin of Ant Security Light-Year Lab, Mickey Jin (@patch1t) of Trend Micro IOMobileFrameBuffer Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: A race condition was addressed with improved state handling. CVE-2021-30996: Saar Amar (@AmarSaar) IOMobileFrameBuffer Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: An application may be able to execute arbitrary code with kernel privileges Description: A buffer overflow issue was addressed with improved memory handling. CVE-2021-30983: Pangu IOMobileFrameBuffer Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: An out-of-bounds write issue was addressed with improved bounds checking. CVE-2021-30985: Tielei Wang of Pangu Lab IOMobileFrameBuffer Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2021-30991: Tielei Wang of Pangu Lab Kernel Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: A memory corruption vulnerability was addressed with improved locking. CVE-2021-30937: Sergei Glazunov of Google Project Zero Kernel Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: An application may be able to execute arbitrary code with kernel privileges Description: A use after free issue was addressed with improved memory management. CVE-2021-30927: Xinru Chi of Pangu Lab CVE-2021-30980: Xinru Chi of Pangu Lab Kernel Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved state management. CVE-2021-30949: Ian Beer of Google Project Zero Kernel Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: An attacker in a privileged network position may be able to execute arbitrary code Description: A buffer overflow issue was addressed with improved memory handling. CVE-2021-30993: OSS-Fuzz, Ned Williamson of Google Project Zero Kernel Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: A race condition was addressed with improved state handling. CVE-2021-30955: Zweig of Kunlun Lab Model I/O Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution Description: An out-of-bounds write issue was addressed with improved bounds checking. CVE-2021-30971: Ye Zhang (@co0py_Cat) of Baidu Security Model I/O Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: Processing a maliciously crafted file may disclose user information Description: An out-of-bounds read was addressed with improved input validation. CVE-2021-30973: Ye Zhang (@co0py_Cat) of Baidu Security Model I/O Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: Processing a maliciously crafted USD file may disclose memory contents Description: An out-of-bounds write issue was addressed with improved bounds checking. CVE-2021-30929: Rui Yang and Xingwei Lin of Ant Security Light-Year Lab Model I/O Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution Description: A buffer overflow issue was addressed with improved memory handling. CVE-2021-30979: Mickey Jin (@patch1t) of Trend Micro Model I/O Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: Processing a maliciously crafted USD file may disclose memory contents Description: A buffer overflow issue was addressed with improved memory handling. CVE-2021-30940: Rui Yang and Xingwei Lin of Ant Security Light-Year Lab CVE-2021-30941: Rui Yang and Xingwei Lin of Ant Security Light-Year Lab NetworkExtension Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: A local attacker may be able to read sensitive information Description: A permissions issue was addressed with improved validation. CVE-2021-30967: Denis Tokarev (@illusionofcha0s) NetworkExtension Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: A malicious application may be able to identify what other applications a user has installed Description: A permissions issue was addressed with improved validation. CVE-2021-30988: Denis Tokarev (@illusionofcha0s) Notes Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: A person with physical access to an iOS device may be able to access contacts from the lock screen Description: The issue was addressed with improved permissions logic. CVE-2021-30932: Kevin Böttcher Password Manager Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: A person with physical access to an iOS device may be able to access stored passwords without authentication Description: An inconsistent user interface issue was addressed with improved state management. CVE-2021-30948: Patrick Glogner Preferences Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: A malicious application may be able to elevate privileges Description: A race condition was addressed with improved state handling. CVE-2021-30995: Mickey Jin (@patch1t) of Trend Micro, Mickey Jin (@patch1t) Sandbox Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: A malicious application may be able to bypass certain Privacy preferences Description: A validation issue related to hard link behavior was addressed with improved sandbox restrictions. CVE-2021-30968: Csaba Fitzl (@theevilbit) of Offensive Security Sandbox Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: A malicious application may be able to bypass certain Privacy preferences Description: A logic issue was addressed with improved restrictions. CVE-2021-30946: @gorelics Sandbox Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: An application may be able to access a user's files Description: An access issue was addressed with additional sandbox restrictions. CVE-2021-30947: Csaba Fitzl (@theevilbit) of Offensive Security TCC Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: A local user may be able to modify protected parts of the file system Description: A logic issue was addressed with improved state management. CVE-2021-30767: @gorelics TCC Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: A malicious application may be able to bypass Privacy preferences Description: An inherited permissions issue was addressed with additional restrictions. CVE-2021-30964: Andy Grant of Zoom Video Communications WebKit Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A buffer overflow issue was addressed with improved memory handling. CVE-2021-30934: Dani Biro WebKit Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A use after free issue was addressed with improved memory management. CVE-2021-30936: Chijin Zhou of ShuiMuYuLin Ltd and Tsinghua wingtecher lab CVE-2021-30951: Pangu WebKit Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: An integer overflow was addressed with improved input validation. CVE-2021-30952: WeBin WebKit Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A race condition was addressed with improved state handling. CVE-2021-30984: Kunlun Lab WebKit Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: An out-of-bounds read was addressed with improved bounds checking. CVE-2021-30953: VRIJ WebKit Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A type confusion issue was addressed with improved memory handling. CVE-2021-30954: Kunlun Lab Additional recognition Bluetooth We would like to acknowledge Haram Park, Korea University for their assistance. CloudKit We would like to acknowledge Ryan Pickren (ryanpickren.com) for their assistance. ColorSync We would like to acknowledge Mateusz Jurczyk of Google Project Zero for their assistance. Contacts We would like to acknowledge Minchan Park (03stin) for their assistance. CoreText We would like to acknowledge Yuto Sakata of Osaka Institute of Technology, an anonymous researcher for their assistance. Kernel We would like to acknowledge Amit Klein of Bar-Ilan University's Center for Research in Applied Cryptography and Cyber Security for their assistance. Model I/O We would like to acknowledge Rui Yang and Xingwei Lin of Ant Security Light-Year Lab for their assistance. WebKit We would like to acknowledge Peter Snyder of Brave and Soroush Karami for their assistance. Installation note: This update is available through iTunes and Software Update on your iOS device, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an Internet connection and have installed the latest version of iTunes from https://www.apple.com/itunes/ iTunes and Software Update on the device will automatically check Apple's update server on its weekly schedule. When an update is detected, it is downloaded and the option to be installed is presented to the user when the iOS device is docked. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iOS device. The automatic update process may take up to a week depending on the day that iTunes or the device checks for updates. You may manually obtain the update via the Check for Updates button within iTunes, or the Software Update on your device. To check that the iPhone, iPod touch, or iPad has been updated: * Navigate to Settings * Select General * Select About * The version after applying this update will be "15.2" Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEePiLW1MrMjw19XzoeC9qKD1prhgFAmG6UlcACgkQeC9qKD1p rhiG7Q//QAlwYO3POlhNzv+lp++7j1r5DklzW3HpKgiSZ/6BEIK3mrUlfL5uzLL6 Z802CRYyVw1cbZT789t9NX3Ai4XrLDAv2cSRdim7TEID4ElM3+bJP+UcSwsIO822 M093OFzR4VmYhMoKbWYb6VPxUl9kLqgrD/k7ps6qbZJJVlLHblS1xS/MEyh3go/G pey2+qSOuEiuODaUWnUpEicfI3pCMDqoALJPqYNq6EOhDDcTc3XztOkIRBOY3AU3 VdqLn+FkTXn5WxGqUNDBOQEJzu0v5ZBw4H+7dz+SNvq0v7xWuLpPQm5WeDv4u3gy 9KBCu5YFDYaix4K4pA6N4oZ3D3A+ildx8D5PtfGK0gpRUbnsjf7fhvQwjG58TO7G yoBKMFWCbyDvBqT6wNXYkb9CTNwxs3KzpRAVuww6+tFkBIVeg/2d5IK5d/oVQGNW QbATKirLNYq5kHRNKtv506QGCazeEk7dhxlVB31fDavr4cmf533zrrlLNrIdYREA y2yYuCOsQZTEC2R74ljTf4BJ9zDlaAE/NVFtvZrSNOpYfoJ7ps6VdSCS7Z/4+GvS 2cF8IIscQ24Ovlfd6YTP7V5jL3JYuI/4W4Wx7/FLFpHbAt0+2CcaVf+V6rQrlyLr 0WJNv9KTxKL9JbqJ04bMVu/qcxcRShGHKeSeBD804FlPjoaN9Vw= =eZuK -----END PGP SIGNATURE----- . Airport Available for: macOS Monterey Impact: A device may be passively tracked via BSSIDs Description: An access issue was addressed with improved access restrictions. CVE-2021-30987: Jason Meller, Fritz Ifert-Miller, and Joseph Sokol- Margolis of Kolide Archive Utility Available for: macOS Monterey Impact: A malicious application may bypass Gatekeeper checks Description: A logic issue was addressed with improved state management. CVE-2021-30960: JunDong Xie of Ant Security Light-Year Lab Bluetooth Available for: macOS Monterey Impact: A device may be passively tracked by its Bluetooth MAC address Description: A device configuration issue was addressed with an updated configuration. CVE-2021-30986: Min (Spark) Zheng, Xiaolong Bai of Alibaba Inc. CVE-2021-30977: Jack Dates of RET2 Systems, Inc. CVE-2021-30996: Saar Amar (@AmarSaar) IOUSBHostFamily Available for: macOS Monterey Impact: A remote attacker may be able to cause unexpected application termination or heap corruption Description: A race condition was addressed with improved locking. CVE-2021-30955: Zweig of Kunlun Lab LaunchServices Available for: macOS Monterey Impact: A malicious application may bypass Gatekeeper checks Description: A logic issue was addressed with improved state management. CVE-2021-30976: chenyuwang (@mzzzz__) and Kirin (@Pwnrin) of Tencent Security Xuanwu Lab LaunchServices Available for: macOS Monterey Impact: A malicious application may bypass Gatekeeper checks Description: A logic issue was addressed with improved validation. CVE-2021-30947: Csaba Fitzl (@theevilbit) of Offensive Security Script Editor Available for: macOS Monterey Impact: A malicious OSAX scripting addition may bypass Gatekeeper checks and circumvent sandbox restrictions Description: This issue was addressed by disabling execution of JavaScript when viewing a scripting dictionary. CVE-2021-30954: Kunlun Lab Wi-Fi Available for: macOS Monterey Impact: A local user may be able to cause unexpected system termination or read kernel memory Description: This issue was addressed with improved checks. Alternatively, on your watch, select "My Watch > General > About"

Trust: 2.34

sources: NVD: CVE-2021-30958 // JVNDB: JVNDB-2021-021129 // VULHUB: VHN-390691 // VULMON: CVE-2021-30958 // PACKETSTORM: 165354 // PACKETSTORM: 165355 // PACKETSTORM: 165356 // PACKETSTORM: 165357 // PACKETSTORM: 165358 // PACKETSTORM: 165359

AFFECTED PRODUCTS

vendor:applemodel:ipadosscope:ltversion:15.2

Trust: 1.0

vendor:applemodel:macosscope:ltversion:12.1

Trust: 1.0

vendor:applemodel:tvosscope:ltversion:15.2

Trust: 1.0

vendor:applemodel:macosscope:gteversion:12.0

Trust: 1.0

vendor:applemodel:mac os xscope:gteversion:10.15

Trust: 1.0

vendor:applemodel:iphone osscope:ltversion:15.2

Trust: 1.0

vendor:applemodel:macosscope:ltversion:11.6.2

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.15.7

Trust: 1.0

vendor:applemodel:macosscope:gteversion:11.0

Trust: 1.0

vendor:applemodel:mac os xscope:ltversion:10.15.7

Trust: 1.0

vendor:applemodel:watchosscope:ltversion:8.3

Trust: 1.0

vendor:アップルmodel:ipadosscope: - version: -

Trust: 0.8

vendor:アップルmodel:macosscope: - version: -

Trust: 0.8

vendor:アップルmodel:apple mac os xscope: - version: -

Trust: 0.8

vendor:アップルmodel:iosscope: - version: -

Trust: 0.8

vendor:アップルmodel:watchosscope:eqversion:8.3

Trust: 0.8

vendor:アップルmodel:tvosscope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2021-021129 // NVD: CVE-2021-30958

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2021-30958
value: HIGH

Trust: 1.0

NVD: CVE-2021-30958
value: HIGH

Trust: 0.8

CNNVD: CNNVD-202108-2061
value: HIGH

Trust: 0.6

VULHUB: VHN-390691
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2021-30958
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-390691
severity: MEDIUM
baseScore: 6.8
vectorString: AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.6
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2021-30958
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: CVE-2021-30958
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-390691 // JVNDB: JVNDB-2021-021129 // CNNVD: CNNVD-202108-2061 // NVD: CVE-2021-30958

PROBLEMTYPE DATA

problemtype:CWE-125

Trust: 1.1

problemtype:Out-of-bounds read (CWE-125) [NVD evaluation ]

Trust: 0.8

sources: VULHUB: VHN-390691 // JVNDB: JVNDB-2021-021129 // NVD: CVE-2021-30958

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202108-2061

TYPE

overflow, code execution

Trust: 0.6

sources: PACKETSTORM: 165354 // PACKETSTORM: 165355 // PACKETSTORM: 165356 // PACKETSTORM: 165357 // PACKETSTORM: 165358 // PACKETSTORM: 165359

PATCH

title:HT212980 Apple  Security updateurl:https://support.apple.com/en-us/HT212975

Trust: 0.8

title:Apple iOS and iPadOS Buffer error vulnerability fixurl:http://123.124.177.30/web/xxk/bdxqById.tag?id=174552

Trust: 0.6

sources: JVNDB: JVNDB-2021-021129 // CNNVD: CNNVD-202108-2061

EXTERNAL IDS

db:NVDid:CVE-2021-30958

Trust: 4.0

db:PACKETSTORMid:165356

Trust: 0.8

db:PACKETSTORMid:165359

Trust: 0.8

db:JVNDBid:JVNDB-2021-021129

Trust: 0.8

db:CS-HELPid:SB2021121434

Trust: 0.6

db:AUSCERTid:ESB-2021.4260

Trust: 0.6

db:CNNVDid:CNNVD-202108-2061

Trust: 0.6

db:PACKETSTORMid:165355

Trust: 0.2

db:PACKETSTORMid:165357

Trust: 0.2

db:PACKETSTORMid:165358

Trust: 0.2

db:PACKETSTORMid:165354

Trust: 0.2

db:VULHUBid:VHN-390691

Trust: 0.1

db:VULMONid:CVE-2021-30958

Trust: 0.1

sources: VULHUB: VHN-390691 // VULMON: CVE-2021-30958 // JVNDB: JVNDB-2021-021129 // PACKETSTORM: 165354 // PACKETSTORM: 165355 // PACKETSTORM: 165356 // PACKETSTORM: 165357 // PACKETSTORM: 165358 // PACKETSTORM: 165359 // CNNVD: CNNVD-202108-2061 // NVD: CVE-2021-30958

REFERENCES

url:https://support.apple.com/en-us/ht212976

Trust: 2.3

url:https://support.apple.com/en-us/ht212975

Trust: 1.7

url:https://support.apple.com/en-us/ht212978

Trust: 1.7

url:https://support.apple.com/en-us/ht212979

Trust: 1.7

url:https://support.apple.com/en-us/ht212980

Trust: 1.7

url:https://support.apple.com/en-us/ht212981

Trust: 1.7

url:https://nvd.nist.gov/vuln/detail/cve-2021-30958

Trust: 1.4

url:https://nvd.nist.gov/vuln/detail/cve-2021-30927

Trust: 0.6

url:https://nvd.nist.gov/vuln/detail/cve-2021-30945

Trust: 0.6

url:https://nvd.nist.gov/vuln/detail/cve-2021-30939

Trust: 0.6

url:https://www.apple.com/support/security/pgp/

Trust: 0.6

url:https://nvd.nist.gov/vuln/detail/cve-2021-30937

Trust: 0.6

url:https://support.apple.com/kb/ht201222

Trust: 0.6

url:https://nvd.nist.gov/vuln/detail/cve-2021-30949

Trust: 0.6

url:https://nvd.nist.gov/vuln/detail/cve-2021-30942

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.4260

Trust: 0.6

url:https://packetstormsecurity.com/files/165359/apple-security-advisory-2021-12-15-6.html

Trust: 0.6

url:https://vigilance.fr/vulnerability/apple-macos-multiple-vulnerabilities-37064

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021121434

Trust: 0.6

url:https://packetstormsecurity.com/files/165356/apple-security-advisory-2021-12-15-3.html

Trust: 0.6

url:https://nvd.nist.gov/vuln/detail/cve-2021-30966

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2021-30926

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2021-30957

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2021-30960

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2021-30950

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2021-30955

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2021-30973

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2021-30971

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2021-30980

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2021-30929

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2021-30968

Trust: 0.4

url:https://nvd.nist.gov/vuln/detail/cve-2021-30993

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2021-30977

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2021-30976

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2021-30767

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2021-30947

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2021-30982

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-30986

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-30981

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-30987

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-30990

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-30996

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-30961

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-30969

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-30938

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-30935

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-30941

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-30963

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-30965

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-30931

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-30959

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-30946

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-30940

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-30936

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-30984

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-30953

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-30916

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-30952

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-30951

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-30954

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2021-30934

Trust: 0.2

url:https://nvd.nist.gov

Trust: 0.1

url:https://support.apple.com/ht212976.

Trust: 0.1

url:https://www.apple.com/itunes/

Trust: 0.1

url:https://support.apple.com/ht212978.

Trust: 0.1

url:https://support.apple.com/ht212979.

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-30970

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-30975

Trust: 0.1

url:https://support.apple.com/ht212981.

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-30995

Trust: 0.1

url:https://support.apple.com/ht212980.

Trust: 0.1

url:https://support.apple.com/kb/ht204641

Trust: 0.1

url:https://support.apple.com/ht212975.

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2021-30964

Trust: 0.1

sources: VULHUB: VHN-390691 // VULMON: CVE-2021-30958 // JVNDB: JVNDB-2021-021129 // PACKETSTORM: 165354 // PACKETSTORM: 165355 // PACKETSTORM: 165356 // PACKETSTORM: 165357 // PACKETSTORM: 165358 // PACKETSTORM: 165359 // CNNVD: CNNVD-202108-2061 // NVD: CVE-2021-30958

CREDITS

Apple

Trust: 0.6

sources: PACKETSTORM: 165354 // PACKETSTORM: 165355 // PACKETSTORM: 165356 // PACKETSTORM: 165357 // PACKETSTORM: 165358 // PACKETSTORM: 165359

SOURCES

db:VULHUBid:VHN-390691
db:VULMONid:CVE-2021-30958
db:JVNDBid:JVNDB-2021-021129
db:PACKETSTORMid:165354
db:PACKETSTORMid:165355
db:PACKETSTORMid:165356
db:PACKETSTORMid:165357
db:PACKETSTORMid:165358
db:PACKETSTORMid:165359
db:CNNVDid:CNNVD-202108-2061
db:NVDid:CVE-2021-30958

LAST UPDATE DATE

2024-08-14T12:19:31.175000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-390691date:2022-01-03T00:00:00
db:VULMONid:CVE-2021-30958date:2021-08-24T00:00:00
db:JVNDBid:JVNDB-2021-021129date:2024-07-18T01:42:00
db:CNNVDid:CNNVD-202108-2061date:2022-12-09T00:00:00
db:NVDid:CVE-2021-30958date:2023-11-07T03:34:03.413

SOURCES RELEASE DATE

db:VULHUBid:VHN-390691date:2021-08-24T00:00:00
db:VULMONid:CVE-2021-30958date:2021-08-24T00:00:00
db:JVNDBid:JVNDB-2021-021129date:2024-07-18T00:00:00
db:PACKETSTORMid:165354date:2021-12-17T19:17:09
db:PACKETSTORMid:165355date:2021-12-17T19:18:08
db:PACKETSTORMid:165356date:2021-12-17T19:19:33
db:PACKETSTORMid:165357date:2021-12-17T19:19:44
db:PACKETSTORMid:165358date:2021-12-17T19:19:55
db:PACKETSTORMid:165359date:2021-12-17T19:20:06
db:CNNVDid:CNNVD-202108-2061date:2021-08-24T00:00:00
db:NVDid:CVE-2021-30958date:2021-08-24T19:15:22.043