Apple Security Update 2021-003 Catalina vulnerabilities

CVE-2021-30715 [HIGH] CVE-2021-30715: Security Update 2021-003 Catalina Apple Security Update: About the security content of Security Update 2021-003 Catalina Product: Security Update 2021-003 Catalina CVE: CVE-2021-30715 Component: Kernel Impact: Processing a maliciously crafted message may lead to a denial of service Description: A logic issue was addressed with improved state management.

CVE-2021-30701 [HIGH] CVE-2021-30701: Security Update 2021-003 Catalina Apple Security Update: About the security content of Security Update 2021-003 Catalina Product: Security Update 2021-003 Catalina CVE: CVE-2021-30701 Component: ImageIO Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: This issue was addressed with improved checks.

CVE-2020-36222 [HIGH] CVE-2020-36222: Security Update 2021-003 Catalina Apple Security Update: About the security content of Security Update 2021-003 Catalina Product: Security Update 2021-003 Catalina CVE: CVE-2020-36222 Component: CVE-2020-36222

CVE-2021-30704 [HIGH] CVE-2021-30704: Security Update 2021-003 Catalina Apple Security Update: About the security content of Security Update 2021-003 Catalina Product: Security Update 2021-003 Catalina CVE: CVE-2021-30704 Component: Kernel Impact: An application may be able to execute arbitrary code with kernel privileges Description: A logic issue was addressed with improved state management.

CVE-2021-30728 [HIGH] CVE-2021-30728: Security Update 2021-003 Catalina Apple Security Update: About the security content of Security Update 2021-003 Catalina Product: Security Update 2021-003 Catalina CVE: CVE-2021-30728 Component: Intel Graphics Driver Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: An out-of-bounds write issue was addressed with improved bounds checking.

CVE-2021-30719 [HIGH] CVE-2021-30719: Security Update 2021-003 Catalina Apple Security Update: About the security content of Security Update 2021-003 Catalina Product: Security Update 2021-003 Catalina CVE: CVE-2021-30719 Component: Intel Graphics Driver Impact: An out-of-bounds read issue was addressed by removing the vulnerable code Description: A local user may be able to cause unexpected system termination or read kernel memory.

CVE-2021-30693 [HIGH] CVE-2021-30693: Security Update 2021-003 Catalina Apple Security Update: About the security content of Security Update 2021-003 Catalina Product: Security Update 2021-003 Catalina CVE: CVE-2021-30693 Component: Model I/O Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: A validation issue was addressed with improved logic.

CVE-2021-30676 [HIGH] CVE-2021-30676: Security Update 2021-003 Catalina Apple Security Update: About the security content of Security Update 2021-003 Catalina Product: Security Update 2021-003 Catalina CVE: CVE-2021-30676 Component: AMD Impact: A local user may be able to cause unexpected system termination or read kernel memory Description: A logic issue was addressed with improved state management.

CVE-2021-30724 [HIGH] CVE-2021-30724: Security Update 2021-003 Catalina Apple Security Update: About the security content of Security Update 2021-003 Catalina Product: Security Update 2021-003 Catalina CVE: CVE-2021-30724 Component: CVMS Impact: A local attacker may be able to elevate their privileges Description: This issue was addressed with improved checks.

CVE-2021-30726 [HIGH] CVE-2021-30726: Security Update 2021-003 Catalina Apple Security Update: About the security content of Security Update 2021-003 Catalina Product: Security Update 2021-003 Catalina CVE: CVE-2021-30726 Component: Intel Graphics Driver Impact: An out-of-bounds write issue was addressed with improved bounds checking Description: A malicious application may be able to execute arbitrary code with kernel privileges.

CVE-2020-36223 [HIGH] CVE-2020-36223: Security Update 2021-003 Catalina Apple Security Update: About the security content of Security Update 2021-003 Catalina Product: Security Update 2021-003 Catalina CVE: CVE-2020-36223 Component: CVE-2020-36223

CVE-2021-30683 [HIGH] CVE-2021-30683: Security Update 2021-003 Catalina Apple Security Update: About the security content of Security Update 2021-003 Catalina Product: Security Update 2021-003 Catalina CVE: CVE-2021-30683 Component: Heimdal Impact: A malicious application could execute arbitrary code leading to compromise of user information Description: A use after free issue was addressed with improved memory management.

CVE-2021-30739 [HIGH] CVE-2021-30739: Security Update 2021-003 Catalina Apple Security Update: About the security content of Security Update 2021-003 Catalina Product: Security Update 2021-003 Catalina CVE: CVE-2021-30739 Component: Kernel Impact: A memory corruption issue was addressed with improved validation Description: A local attacker may be able to elevate their privileges.

CVE-2020-36228 [HIGH] CVE-2020-36228: Security Update 2021-003 Catalina Apple Security Update: About the security content of Security Update 2021-003 Catalina Product: Security Update 2021-003 Catalina CVE: CVE-2020-36228 Component: CVE-2020-36228

CVE-2020-29629 [MEDIUM] CVE-2020-29629: Security Update 2021-003 Catalina Apple Security Update: About the security content of Security Update 2021-003 Catalina Product: Security Update 2021-003 Catalina CVE: CVE-2020-29629 Component: FontParser Impact: Processing a maliciously crafted font file may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved state management.

CVE-2021-30685 [MEDIUM] CVE-2021-30685: Security Update 2021-003 Catalina Apple Security Update: About the security content of Security Update 2021-003 Catalina Product: Security Update 2021-003 Catalina CVE: CVE-2021-30685 Component: Audio Impact: Parsing a maliciously crafted audio file may lead to disclosure of user information Description: This issue was addressed with improved checks.

CVE-2021-30694 [MEDIUM] CVE-2021-30694: Security Update 2021-003 Catalina Apple Security Update: About the security content of Security Update 2021-003 Catalina Product: Security Update 2021-003 Catalina CVE: CVE-2021-30694 Component: Model I/O Impact: Processing a maliciously crafted USD file may disclose memory contents Description: An information disclosure issue was addressed with improved state management.

CVE-2021-30691 [MEDIUM] CVE-2021-30691: Security Update 2021-003 Catalina Apple Security Update: About the security content of Security Update 2021-003 Catalina Product: Security Update 2021-003 Catalina CVE: CVE-2021-30691 Component: Model I/O Impact: Processing a maliciously crafted USD file may disclose memory contents Description: An information disclosure issue was addressed with improved state management.

CVE-2021-30746 [MEDIUM] CVE-2021-30746: Security Update 2021-003 Catalina Apple Security Update: About the security content of Security Update 2021-003 Catalina Product: Security Update 2021-003 Catalina CVE: CVE-2021-30746 Component: Model I/O Impact: Processing a maliciously crafted USD file may disclose memory contents Description: An out-of-bounds read was addressed with improved input validation.

CVE-2021-30696 [MEDIUM] CVE-2021-30696: Security Update 2021-003 Catalina Apple Security Update: About the security content of Security Update 2021-003 Catalina Product: Security Update 2021-003 Catalina CVE: CVE-2021-30696 Component: Mail Impact: A logic issue was addressed with improved state management Description: An attacker in a privileged network position may be able to misrepresent application state.