Apple Security Update 2021-007 Catalina vulnerabilities

CVE-2021-30824 [HIGH] CVE-2021-30824: Security Update 2021-007 Catalina Apple Security Update: About the security content of Security Update 2021-007 Catalina Product: Security Update 2021-007 Catalina CVE: CVE-2021-30824 Component: Intel Graphics Driver Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved state management.

CVE-2021-30926 [HIGH] CVE-2021-30926: Security Update 2021-007 Catalina Apple Security Update: About the security content of Security Update 2021-007 Catalina Product: Security Update 2021-007 Catalina CVE: CVE-2021-30926 Component: ColorSync Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: A memory corruption issue in the processing of ICC profiles was addressed with improved input validation.

CVE-2021-30881 [HIGH] CVE-2021-30881: Security Update 2021-007 Catalina Apple Security Update: About the security content of Security Update 2021-007 Catalina Product: Security Update 2021-007 Catalina CVE: CVE-2021-30881 Component: FileProvider Impact: Unpacking a maliciously crafted archive may lead to arbitrary code execution Description: An input validation issue was addressed with improved memory handling.

CVE-2021-30903 [HIGH] CVE-2021-30903: Security Update 2021-007 Catalina Apple Security Update: About the security content of Security Update 2021-007 Catalina Product: Security Update 2021-007 Catalina CVE: CVE-2021-30903 Component: Continuity Camera Impact: A local attacker may be able to cause unexpected application termination or arbitrary code execution Description: An uncontrolled format string issue was addressed with improved input validation.

CVE-2021-30917 [HIGH] CVE-2021-30917: Security Update 2021-007 Catalina Apple Security Update: About the security content of Security Update 2021-007 Catalina Product: Security Update 2021-007 Catalina CVE: CVE-2021-30917 Component: ColorSync Impact: Processing a maliciously crafted image may lead to arbitrary code execution Description: A memory corruption issue existed in the processing of ICC profiles. This issue was addressed with improved input validation.

CVE-2021-30909 [HIGH] CVE-2021-30909: Security Update 2021-007 Catalina Apple Security Update: About the security content of Security Update 2021-007 Catalina Product: Security Update 2021-007 Catalina CVE: CVE-2021-30909 Component: Kernel Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling.

CVE-2021-30877 [HIGH] CVE-2021-30877: Security Update 2021-007 Catalina Apple Security Update: About the security content of Security Update 2021-007 Catalina Product: Security Update 2021-007 Catalina CVE: CVE-2021-30877 Component: AppleScript Impact: Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process memory Description: An out-of-bounds read was addressed with improved bounds checking.

CVE-2021-30880 [HIGH] CVE-2021-30880: Security Update 2021-007 Catalina Apple Security Update: About the security content of Security Update 2021-007 Catalina Product: Security Update 2021-007 Catalina CVE: CVE-2021-30880 Component: AppleScript Impact: Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process memory Description: An out-of-bounds read was addressed with improved bounds checking.

CVE-2021-30834 [HIGH] CVE-2021-30834: Security Update 2021-007 Catalina Apple Security Update: About the security content of Security Update 2021-007 Catalina Product: Security Update 2021-007 Catalina CVE: CVE-2021-30834 Component: CoreAudio Impact: Processing a malicious audio file may result in unexpected application termination or arbitrary code execution Description: A logic issue was addressed with improved state management.

CVE-2021-30919 [HIGH] CVE-2021-30919: Security Update 2021-007 Catalina Apple Security Update: About the security content of Security Update 2021-007 Catalina Product: Security Update 2021-007 Catalina CVE: CVE-2021-30919 Component: CoreGraphics Impact: Processing a maliciously crafted PDF may lead to arbitrary code execution Description: An out-of-bounds write was addressed with improved input validation.

CVE-2021-30901 [HIGH] CVE-2021-30901: Security Update 2021-007 Catalina Apple Security Update: About the security content of Security Update 2021-007 Catalina Product: Security Update 2021-007 Catalina CVE: CVE-2021-30901 Component: Intel Graphics Driver Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: Multiple out-of-bounds write issues were addressed with improved bounds checking.

CVE-2021-30907 [HIGH] CVE-2021-30907: Security Update 2021-007 Catalina Apple Security Update: About the security content of Security Update 2021-007 Catalina Product: Security Update 2021-007 Catalina CVE: CVE-2021-30907 Component: Audio Impact: A malicious application may be able to elevate privileges Description: An integer overflow was addressed through improved input validation.

CVE-2021-30821 [HIGH] CVE-2021-30821: Security Update 2021-007 Catalina Apple Security Update: About the security content of Security Update 2021-007 Catalina Product: Security Update 2021-007 Catalina CVE: CVE-2021-30821 Component: IOGraphics Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling.

CVE-2021-30844 [HIGH] CVE-2021-30844: Security Update 2021-007 Catalina Apple Security Update: About the security content of Security Update 2021-007 Catalina Product: Security Update 2021-007 Catalina CVE: CVE-2021-30844 Component: SMB Impact: A remote attacker may be able to leak memory Description: A logic issue was addressed with improved state management.

CVE-2021-30876 [HIGH] CVE-2021-30876: Security Update 2021-007 Catalina Apple Security Update: About the security content of Security Update 2021-007 Catalina Product: Security Update 2021-007 Catalina CVE: CVE-2021-30876 Component: AppleScript Impact: Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process memory Description: An out-of-bounds read was addressed with improved bounds checking.

CVE-2021-30922 [HIGH] CVE-2021-30922: Security Update 2021-007 Catalina Apple Security Update: About the security content of Security Update 2021-007 Catalina Product: Security Update 2021-007 Catalina CVE: CVE-2021-30922 Component: Intel Graphics Driver Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: Multiple out-of-bounds write issues were addressed with improved bounds checking.

CVE-2021-30899 [HIGH] CVE-2021-30899: Security Update 2021-007 Catalina Apple Security Update: About the security content of Security Update 2021-007 Catalina Product: Security Update 2021-007 Catalina CVE: CVE-2021-30899 Component: Bluetooth Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: A race condition was addressed with improved state handling.

CVE-2021-30879 [HIGH] CVE-2021-30879: Security Update 2021-007 Catalina Apple Security Update: About the security content of Security Update 2021-007 Catalina Product: Security Update 2021-007 Catalina CVE: CVE-2021-30879 Component: AppleScript Impact: Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process memory Description: An out-of-bounds read was addressed with improved bounds checking.

CVE-2021-30916 [HIGH] CVE-2021-30916: Security Update 2021-007 Catalina Apple Security Update: About the security content of Security Update 2021-007 Catalina Product: Security Update 2021-007 Catalina CVE: CVE-2021-30916 Component: Kernel Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling.

CVE-2021-30873 [HIGH] CVE-2021-30873: Security Update 2021-007 Catalina Apple Security Update: About the security content of Security Update 2021-007 Catalina Product: Security Update 2021-007 Catalina CVE: CVE-2021-30873 Component: AppKit Impact: A malicious application may be able to elevate privileges Description: A logic issue was addressed with improved state management.