About the security content of macOS Big Sur 11.6.2

This document describes the security content of macOS Big Sur 11.6.2.

About Apple security updates

For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page.

Apple security documents reference vulnerabilities by CVE-ID when possible.

For more information about security, see the Apple Product Security page.

macOS Big Sur 11.6.2

Released December 13, 2021

Archive Utility

Available for: macOS Big Sur

Impact: A malicious application may bypass Gatekeeper checks

Description: A logic issue was addressed with improved state management.

CVE-2021-30950: @gorelics

Bluetooth

Available for: macOS Big Sur

Impact: A malicious application may be able to disclose kernel memory

Description: A logic issue was addressed with improved validation.

CVE-2021-30931: Weiteng Chen, Zheng Zhang, and Zhiyun Qian of UC Riverside, and Yu Wang of Didi Research America

Bluetooth

Available for: macOS Big Sur

Impact: An application may be able to execute arbitrary code with kernel privileges

Description: A logic issue was addressed with improved validation.

CVE-2021-30935: an anonymous researcher

ColorSync

Available for: macOS Big Sur

Impact: Processing a maliciously crafted image may lead to arbitrary code execution

Description: A memory corruption issue in the processing of ICC profiles was addressed with improved input validation.

CVE-2021-30942: Mateusz Jurczyk of Google Project Zero

CoreAudio

Available for: macOS Big Sur

Impact: Processing a maliciously crafted audio file may lead to arbitrary code execution

Description: A buffer overflow was addressed with improved memory handling.

CVE-2021-30957: JunDong Xie of Ant Security Light-Year Lab

Entry added May 25, 2022

CoreAudio

Available for: macOS Big Sur

Impact: Parsing a maliciously crafted audio file may lead to disclosure of user information

Description: A memory initialization issue was addressed with improved memory handling.

CVE-2021-30962: JunDong Xie of Ant Security Light-Year Lab

Entry added May 25, 2022

CoreAudio

Available for: macOS Big Sur

Impact: Parsing a maliciously crafted audio file may lead to disclosure of user information

Description: A buffer overflow issue was addressed with improved memory handling.

CVE-2021-30959: JunDong Xie of Ant Security Light-Year Lab

CVE-2021-30961: JunDong Xie of Ant Security Light-Year Lab

CVE-2021-30963: JunDong Xie of Ant Security Light-Year Lab

Entry updated May 25, 2022

CoreAudio

Available for: macOS Big Sur

Impact: Playing a malicious audio file may lead to arbitrary code execution

Description: An out-of-bounds read was addressed with improved input validation.

CVE-2021-30958: JunDong Xie of Ant Security Light-Year Lab

Crash Reporter

Available for: macOS Big Sur

Impact: A local attacker may be able to elevate their privileges

Description: This issue was addressed with improved checks.

CVE-2021-30945: Zhipeng Huo (@R3dF09) and Yuebin Sun (@yuebinsun2020) of Tencent Security Xuanwu Lab (xlab.tencent.com)

File Provider

Available for: macOS Big Sur

Impact: A malicious application may be able to bypass Privacy preferences

Description: A permissions issue was addressed with improved validation.

CVE-2021-31007: Csaba Fitzl (@theevilbit) of Offensive Security

Entry added May 25, 2022

FontParser

Available for: macOS Big Sur

Impact: Processing a maliciously crafted font may result in the disclosure of process memory

Description: An out-of-bounds read was addressed with improved bounds checking.

CVE-2021-31013: Daniel Lim Wee Soong of STAR Labs

Entry added September 16, 2022

Game Center

Available for: macOS Big Sur

Impact: A malicious application may be able to access information about a user's contacts

Description: A logic issue was addressed with improved restrictions.

CVE-2021-30895: Denis Tokarev (@illusionofcha0s)

Entry added May 25, 2022

Graphics Drivers

Available for: macOS Big Sur

Impact: A malicious application may be able to execute arbitrary code with kernel privileges

Description: A buffer overflow was addressed with improved bounds checking.

CVE-2021-30977: Jack Dates of RET2 Systems, Inc.

Help Viewer

Available for: macOS Big Sur

Impact: Processing a maliciously crafted URL may cause unexpected JavaScript execution from a file on disk

Description: A path handling issue was addressed with improved validation.

CVE-2021-30969: Zhipeng Huo (@R3dF09) and Yuebin Sun (@yuebinsun2020) of Tencent Security Xuanwu Lab (xlab.tencent.com)

ImageIO

Available for: macOS Big Sur

Impact: Processing a maliciously crafted image may lead to arbitrary code execution

Description: An out-of-bounds read was addressed with improved bounds checking.

CVE-2021-30939: Mickey Jin (@patch1t) of Trend Micro, Jaewon Min of Cisco Talos, Rui Yang and Xingwei Lin of Ant Security Light-Year Lab

Entry updated May 25, 2022

Intel Graphics Driver

Available for: macOS Big Sur

Impact: An application may be able to execute arbitrary code with kernel privileges

Description: A buffer overflow was addressed with improved bounds checking.

CVE-2021-30981: Liu Long of Ant Security Light-Year Lab, Jack Dates of RET2 Systems, Inc.

Entry updated May 25, 2022

IOUSBHostFamily

Available for: macOS Big Sur

Impact: A remote attacker may be able to cause unexpected application termination or heap corruption

Description: A race condition was addressed with improved locking.

CVE-2021-30982: Weiteng Chen, Zheng Zhang, and Zhiyun Qian of UC Riverside, and Yu Wang of Didi Research America

Kernel

Available for: macOS Big Sur

Impact: An application may be able to execute arbitrary code with kernel privileges

Description: A use after free issue was addressed with improved memory management.

CVE-2021-30927: Xinru Chi of Pangu Lab

CVE-2021-30980: Xinru Chi of Pangu Lab

Kernel

Available for: macOS Big Sur

Impact: A malicious application may be able to execute arbitrary code with kernel privileges

Description: A memory corruption vulnerability was addressed with improved locking.

CVE-2021-30937: Sergei Glazunov of Google Project Zero

Kernel

Available for: macOS Big Sur

Impact: A malicious application may be able to execute arbitrary code with kernel privileges

Description: A memory corruption issue was addressed with improved state management.

CVE-2021-30949: Ian Beer of Google Project Zero

LaunchServices

Available for: macOS Big Sur

Impact: A malicious application may bypass Gatekeeper checks

Description: A logic issue was addressed with improved validation.

CVE-2021-30990: Ron Masas of BreakPoint.sh

LaunchServices

Available for: macOS Big Sur

Impact: A malicious application may bypass Gatekeeper checks

Description: A logic issue was addressed with improved state management.

CVE-2021-30976: chenyuwang (@mzzzz__) and Kirin (@Pwnrin) of Tencent Security Xuanwu Lab

Model I/O

Available for: macOS Big Sur

Impact: Processing a maliciously crafted USD file may disclose memory contents

Description: An out-of-bounds write issue was addressed with improved bounds checking.

CVE-2021-30929: Rui Yang and Xingwei Lin of Ant Security Light-Year Lab

Model I/O

Available for: macOS Big Sur

Impact: Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution

Description: A buffer overflow issue was addressed with improved memory handling.

CVE-2021-30979: Mickey Jin (@patch1t) of Trend Micro

Model I/O

Available for: macOS Big Sur

Impact: Processing a maliciously crafted USD file may disclose memory contents

Description: A buffer overflow issue was addressed with improved memory handling.

CVE-2021-30940: Rui Yang and Xingwei Lin of Ant Security Light-Year Lab

CVE-2021-30941: Rui Yang and Xingwei Lin of Ant Security Light-Year Lab

Model I/O

Available for: macOS Big Sur

Impact: Processing a maliciously crafted file may disclose user information

Description: An out-of-bounds read was addressed with improved input validation.

CVE-2021-30973: Ye Zhang (@co0py_Cat) of Baidu Security

Model I/O

Available for: macOS Big Sur

Impact: Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution

Description: An out-of-bounds write issue was addressed with improved bounds checking.

CVE-2021-30971: Ye Zhang (@co0py_Cat) of Baidu Security

Preferences

Available for: macOS Big Sur

Impact: A malicious application may be able to elevate privileges

Description: A race condition was addressed with improved state handling.

CVE-2021-30995: Mickey Jin (@patch1t) of Trend Micro, Mickey Jin (@patch1t)

Sandbox

Available for: macOS Big Sur

Impact: A malicious application may be able to bypass certain Privacy preferences

Description: A validation issue related to hard link behavior was addressed with improved sandbox restrictions.

CVE-2021-30968: Csaba Fitzl (@theevilbit) of Offensive Security

Sandbox

Available for: macOS Big Sur

Impact: An application may be able to access a user's files

Description: An access issue was addressed with additional sandbox restrictions.

CVE-2021-30947: Csaba Fitzl (@theevilbit) of Offensive Security

Sandbox

Available for: macOS Big Sur

Impact: A malicious application may be able to bypass certain Privacy preferences

Description: A logic issue was addressed with improved restrictions.

CVE-2021-30946: @gorelics, and Ron Masas of BreakPoint.sh

Entry updated May 11, 2023

Script Editor

Available for: macOS Big Sur

Impact: A malicious OSAX scripting addition may bypass Gatekeeper checks and circumvent sandbox restrictions

Description: This issue was addressed by disabling execution of JavaScript when viewing a scripting dictionary.

CVE-2021-30975: Ryan Pickren (ryanpickren.com)

SMB

Available for: macOS Big Sur

Impact: A malicious application may be able to execute arbitrary code with system privileges

Description: An out-of-bounds read was addressed with improved input validation.

CVE-2021-31002: Peter Nguyễn Vũ Hoàng of STAR Labs

Entry added September 16, 2022

TCC

Available for: macOS Big Sur

Impact: A local user may be able to modify protected parts of the file system

Description: A logic issue was addressed with improved state management.

CVE-2021-30767: @gorelics

TCC

Available for: macOS Big Sur

Impact: A malicious application may be able to bypass Privacy preferences

Description: A logic issue was addressed with improved state management.

CVE-2021-30970: Jonathan Bar Or of Microsoft

TCC

Available for: macOS Big Sur

Impact: A malicious application may be able to cause a denial of service to Endpoint Security clients

Description: A logic issue was addressed with improved state management.

CVE-2021-30965: Csaba Fitzl (@theevilbit) of Offensive Security

Wi-Fi

Available for: macOS Big Sur

Impact: A local user may be able to cause unexpected system termination or read kernel memory

Description: This issue was addressed with improved checks.

CVE-2021-30938: Xinru Chi of Pangu Lab

Additional recognition

Admin Framework

We would like to acknowledge Simon Andersen of Aarhus University and Pico Mitchell for their assistance.

Bluetooth

We would like to acknowledge Haram Park, Korea University for their assistance.

Entry added May 25, 2022

ColorSync

We would like to acknowledge Mateusz Jurczyk of Google Project Zero for their assistance.

Contacts

We would like to acknowledge Minchan Park (03stin) for their assistance.

Kernel

We would like to acknowledge Amit Klein of Bar-Ilan University's Center for Research in Applied Cryptography and Cyber Security for their assistance.

Model I/O

We would like to acknowledge Rui Yang and Xingwei Lin of Ant Security Light-Year Lab for their assistance.

Information about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. Contact the vendor for additional information.

Ngày đăng: