Apple Security Update 2021-005 Mojave vulnerabilities

CVE-2021-30805 [CRITICAL] CVE-2021-30805: Security Update 2021-005 Mojave Apple Security Update: About the security content of Security Update 2021-005 Mojave Product: Security Update 2021-005 Mojave CVE: CVE-2021-30805 Component: AMD Kernel Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved input validation.

CVE-2021-30793 [CRITICAL] CVE-2021-30793: Security Update 2021-005 Mojave Apple Security Update: About the security content of Security Update 2021-005 Mojave Product: Security Update 2021-005 Mojave CVE: CVE-2021-30793 Component: Kernel Impact: An application may be able to execute arbitrary code with kernel privileges Description: A logic issue was addressed with improved state management.

CVE-2021-30781 [HIGH] CVE-2021-30781: Security Update 2021-005 Mojave Apple Security Update: About the security content of Security Update 2021-005 Mojave Product: Security Update 2021-005 Mojave CVE: CVE-2021-30781 Component: Audio Impact: A local attacker may be able to cause unexpected application termination or arbitrary code execution Description: This issue was addressed with improved checks.

CVE-2021-30780 [HIGH] CVE-2021-30780: Security Update 2021-005 Mojave Apple Security Update: About the security content of Security Update 2021-005 Mojave Product: Security Update 2021-005 Mojave CVE: CVE-2021-30780 Component: CVMS Impact: A malicious application may be able to gain root privileges Description: An out-of-bounds write issue was addressed with improved bounds checking.

CVE-2021-30777 [HIGH] CVE-2021-30777: Security Update 2021-005 Mojave Apple Security Update: About the security content of Security Update 2021-005 Mojave Product: Security Update 2021-005 Mojave CVE: CVE-2021-30777 Component: CoreStorage Impact: A malicious application may be able to gain root privileges Description: An injection issue was addressed with improved validation.

CVE-2021-30759 [HIGH] CVE-2021-30759: Security Update 2021-005 Mojave Apple Security Update: About the security content of Security Update 2021-005 Mojave Product: Security Update 2021-005 Mojave CVE: CVE-2021-30759 Component: FontParser Impact: Processing a maliciously crafted font file may lead to arbitrary code execution Description: A stack overflow was addressed with improved input validation.

CVE-2021-30765 [HIGH] CVE-2021-30765: Security Update 2021-005 Mojave Apple Security Update: About the security content of Security Update 2021-005 Mojave Product: Security Update 2021-005 Mojave CVE: CVE-2021-30765 Component: Intel Graphics Driver Impact: An application may be able to execute arbitrary code with kernel privileges Description: An out-of-bounds write was addressed with improved input validation.

CVE-2021-30792 [HIGH] CVE-2021-30792: Security Update 2021-005 Mojave Apple Security Update: About the security content of Security Update 2021-005 Mojave Product: Security Update 2021-005 Mojave CVE: CVE-2021-30792 Component: Model I/O Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: An out-of-bounds write was addressed with improved input validation.

CVE-2021-30766 [HIGH] CVE-2021-30766: Security Update 2021-005 Mojave Apple Security Update: About the security content of Security Update 2021-005 Mojave Product: Security Update 2021-005 Mojave CVE: CVE-2021-30766 Component: Intel Graphics Driver Impact: An application may be able to execute arbitrary code with kernel privileges Description: An out-of-bounds write was addressed with improved input validation.

CVE-2021-30703 [HIGH] CVE-2021-30703: Security Update 2021-005 Mojave Apple Security Update: About the security content of Security Update 2021-005 Mojave Product: Security Update 2021-005 Mojave CVE: CVE-2021-30703 Component: Kernel Impact: An application may be able to execute arbitrary code with kernel privileges Description: A double free issue was addressed with improved memory management.

CVE-2021-30799 [HIGH] CVE-2021-30799: Security Update 2021-005 Mojave Apple Security Update: About the security content of Security Update 2021-005 Mojave Product: Security Update 2021-005 Mojave CVE: CVE-2021-30799 Component: WebKit Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed with improved memory handling.

CVE-2021-30772 [HIGH] CVE-2021-30772: Security Update 2021-005 Mojave Apple Security Update: About the security content of Security Update 2021-005 Mojave Product: Security Update 2021-005 Mojave CVE: CVE-2021-30772 Component: CoreServices Impact: A malicious application may be able to gain root privileges Description: This issue was addressed with improved checks.

CVE-2021-30672 [HIGH] CVE-2021-30672: Security Update 2021-005 Mojave Apple Security Update: About the security content of Security Update 2021-005 Mojave Product: Security Update 2021-005 Mojave CVE: CVE-2021-30672 Component: Bluetooth Impact: A malicious application may be able to gain root privileges Description: A memory corruption issue was addressed with improved state management.

CVE-2021-30790 [HIGH] CVE-2021-30790: Security Update 2021-005 Mojave Apple Security Update: About the security content of Security Update 2021-005 Mojave Product: Security Update 2021-005 Mojave CVE: CVE-2021-30790 Component: AppKit Impact: Opening a maliciously crafted file may lead to unexpected application termination or arbitrary code execution Description: An information disclosure issue was addressed by removing the vulnerable code.

CVE-2021-30784 [HIGH] CVE-2021-30784: Security Update 2021-005 Mojave Apple Security Update: About the security content of Security Update 2021-005 Mojave Product: Security Update 2021-005 Mojave CVE: CVE-2021-30784 Component: IOKit Impact: A local attacker may be able to execute code on the Apple T2 Security Chip Description: Multiple issues were addressed with improved logic.

CVE-2021-30760 [HIGH] CVE-2021-30760: Security Update 2021-005 Mojave Apple Security Update: About the security content of Security Update 2021-005 Mojave Product: Security Update 2021-005 Mojave CVE: CVE-2021-30760 Component: FontParser Impact: Processing a maliciously crafted font file may lead to arbitrary code execution Description: An integer overflow was addressed through improved input validation.

CVE-2021-30677 [HIGH] CVE-2021-30677: Security Update 2021-005 Mojave Apple Security Update: About the security content of Security Update 2021-005 Mojave Product: Security Update 2021-005 Mojave CVE: CVE-2021-30677 Component: LaunchServices Impact: A malicious application may be able to break out of its sandbox Description: This issue was addressed with improved environment sanitization.

CVE-2021-30787 [HIGH] CVE-2021-30787: Security Update 2021-005 Mojave Apple Security Update: About the security content of Security Update 2021-005 Mojave Product: Security Update 2021-005 Mojave CVE: CVE-2021-30787 Component: Intel Graphics Driver Impact: An application may be able to cause unexpected system termination or write kernel memory Description: This issue was addressed with improved checks.

CVE-2021-30788 [HIGH] CVE-2021-30788: Security Update 2021-005 Mojave Apple Security Update: About the security content of Security Update 2021-005 Mojave Product: Security Update 2021-005 Mojave CVE: CVE-2021-30788 Component: FontParser Impact: Processing a maliciously crafted tiff file may lead to a denial-of-service or potentially disclose memory contents Description: This issue was addressed with improved checks.

CVE-2021-30783 [MEDIUM] CVE-2021-30783: Security Update 2021-005 Mojave Apple Security Update: About the security content of Security Update 2021-005 Mojave Product: Security Update 2021-005 Mojave CVE: CVE-2021-30783 Component: LaunchServices Impact: A sandboxed process may be able to circumvent sandbox restrictions Description: An access issue was addressed with improved access restrictions.