Apple Security Update 2021-008 Catalina vulnerabilities

CVE-2021-30961 [MEDIUM] CVE-2021-30961: Security Update 2021-008 Catalina Apple Security Update: About the security content of Security Update 2021-008 Catalina Product: Security Update 2021-008 Catalina CVE: CVE-2021-30961 Component: CoreAudio Impact: Parsing a maliciously crafted audio file may lead to disclosure of user information Description: A buffer overflow issue was addressed with improved memory handling.

CVE-2021-30973 [MEDIUM] CVE-2021-30973: Security Update 2021-008 Catalina Apple Security Update: About the security content of Security Update 2021-008 Catalina Product: Security Update 2021-008 Catalina CVE: CVE-2021-30973 Component: Model I/O Impact: Processing a maliciously crafted file may disclose user information Description: An out-of-bounds read was addressed with improved input validation.

CVE-2021-30990 [MEDIUM] CVE-2021-30990: Security Update 2021-008 Catalina Apple Security Update: About the security content of Security Update 2021-008 Catalina Product: Security Update 2021-008 Catalina CVE: CVE-2021-30990 Component: LaunchServices Impact: A malicious application may bypass Gatekeeper checks Description: A logic issue was addressed with improved validation.

CVE-2021-30941 [MEDIUM] CVE-2021-30941: Security Update 2021-008 Catalina Apple Security Update: About the security content of Security Update 2021-008 Catalina Product: Security Update 2021-008 Catalina CVE: CVE-2021-30941 Component: Model I/O Impact: Processing a maliciously crafted USD file may disclose memory contents Description: A buffer overflow issue was addressed with improved memory handling.

CVE-2021-30965 [MEDIUM] CVE-2021-30965: Security Update 2021-008 Catalina Apple Security Update: About the security content of Security Update 2021-008 Catalina Product: Security Update 2021-008 Catalina CVE: CVE-2021-30965 Component: TCC Impact: A malicious application may be able to cause a denial of service to Endpoint Security clients Description: A logic issue was addressed with improved state management.

CVE-2021-30976 [MEDIUM] CVE-2021-30976: Security Update 2021-008 Catalina Apple Security Update: About the security content of Security Update 2021-008 Catalina Product: Security Update 2021-008 Catalina CVE: CVE-2021-30976 Component: LaunchServices Impact: A malicious application may bypass Gatekeeper checks Description: A logic issue was addressed with improved state management.

CVE-2021-30940 [MEDIUM] CVE-2021-30940: Security Update 2021-008 Catalina Apple Security Update: About the security content of Security Update 2021-008 Catalina Product: Security Update 2021-008 Catalina CVE: CVE-2021-30940 Component: Model I/O Impact: Processing a maliciously crafted USD file may disclose memory contents Description: A buffer overflow issue was addressed with improved memory handling.

CVE-2021-30929 [MEDIUM] CVE-2021-30929: Security Update 2021-008 Catalina Apple Security Update: About the security content of Security Update 2021-008 Catalina Product: Security Update 2021-008 Catalina CVE: CVE-2021-30929 Component: Model I/O Impact: Processing a maliciously crafted USD file may disclose memory contents Description: An out-of-bounds write issue was addressed with improved bounds checking.

CVE-2021-30931 [MEDIUM] CVE-2021-30931: Security Update 2021-008 Catalina Apple Security Update: About the security content of Security Update 2021-008 Catalina Product: Security Update 2021-008 Catalina CVE: CVE-2021-30931 Component: Bluetooth Impact: A malicious application may be able to disclose kernel memory Description: A logic issue was addressed with improved validation.

CVE-2021-30982 [MEDIUM] CVE-2021-30982: Security Update 2021-008 Catalina Apple Security Update: About the security content of Security Update 2021-008 Catalina Product: Security Update 2021-008 Catalina CVE: CVE-2021-30982 Component: IOUSBHostFamily Impact: A remote attacker may be able to cause unexpected application termination or heap corruption Description: A race condition was addressed with improved locking.

CVE-2021-30767 [MEDIUM] CVE-2021-30767: Security Update 2021-008 Catalina Apple Security Update: About the security content of Security Update 2021-008 Catalina Product: Security Update 2021-008 Catalina CVE: CVE-2021-30767 Component: TCC Impact: A local user may be able to modify protected parts of the file system Description: A logic issue was addressed with improved state management.

CVE-2021-30950 [MEDIUM] CVE-2021-30950: Security Update 2021-008 Catalina Apple Security Update: About the security content of Security Update 2021-008 Catalina Product: Security Update 2021-008 Catalina CVE: CVE-2021-30950 Component: Archive Utility Impact: A malicious application may bypass Gatekeeper checks Description: A logic issue was addressed with improved state management.