APPLE-SA-2020-12-14-3 macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave
APPLE-SA-2020-12-14-3 macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave
- Subject: APPLE-SA-2020-12-14-3 macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave
- From: Apple Product Security via Security-announce <email@hidden>
- Date: Mon, 14 Dec 2020 17:16:53 -0800
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
APPLE-SA-2020-12-14-3 macOS Big Sur 11.1, Security Update 2020-001
Catalina, Security Update 2020-007 Mojave
macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security
Update 2020-007 Mojave addresses the following issues. Information
about the security content is also available at
https://support.apple.com/HT212011.
AMD
Available for: macOS Mojave 10.14.6, macOS Catalina 10.15.7
Impact: A malicious application may be able to execute arbitrary code
with system privileges
Description: A memory corruption issue was addressed with improved
input validation.
CVE-2020-27914: Yu Wang of Didi Research America
CVE-2020-27915: Yu Wang of Didi Research America
App Store
Available for: macOS Mojave 10.14.6, macOS Catalina 10.15.7
Impact: An application may be able to gain elevated privileges
Description: This issue was addressed by removing the vulnerable
code.
CVE-2020-27903: Zhipeng Huo (@R3dF09) of Tencent Security Xuanwu Lab
AppleGraphicsControl
Available for: macOS Mojave 10.14.6, macOS Catalina 10.15.7, macOS
Big Sur 11.0.1
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A validation issue was addressed with improved logic.
CVE-2020-27941: shrek_wzw
AppleMobileFileIntegrity
Available for: macOS Big Sur 11.0.1
Impact: A malicious application may be able to bypass Privacy
preferences
Description: This issue was addressed with improved checks.
CVE-2020-29621: Wojciech Reguła (@_r3ggi) of SecuRing
Audio
Available for: macOS Mojave 10.14.6, macOS Catalina 10.15.7
Impact: Processing a maliciously crafted audio file may lead to
arbitrary code execution
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2020-27910: JunDong Xie and XingWei Lin of Ant Security Light-
Year Lab
Audio
Available for: macOS Mojave 10.14.6, macOS Catalina 10.15.7
Impact: A malicious application may be able to read restricted memory
Description: An out-of-bounds read was addressed with improved bounds
checking.
CVE-2020-9943: JunDong Xie of Ant Security Light-Year Lab
Audio
Available for: macOS Mojave 10.14.6, macOS Catalina 10.15.7
Impact: An application may be able to read restricted memory
Description: An out-of-bounds read was addressed with improved bounds
checking.
CVE-2020-9944: JunDong Xie of Ant Security Light-Year Lab
Audio
Available for: macOS Mojave 10.14.6, macOS Catalina 10.15.7
Impact: Processing a maliciously crafted audio file may lead to
arbitrary code execution
Description: An out-of-bounds write was addressed with improved input
validation.
CVE-2020-27916: JunDong Xie of Ant Security Light-Year Lab
Bluetooth
Available for: macOS Mojave 10.14.6, macOS Catalina 10.15.7
Impact: A remote attacker may be able to cause unexpected application
termination or heap corruption
Description: Multiple integer overflows were addressed with improved
input validation.
CVE-2020-27906: Zuozhi Fan (@pattern_F_) of Ant Group Tianqiong
Security Lab
CoreAudio
Available for: macOS Mojave 10.14.6, macOS Catalina 10.15.7, macOS
Big Sur 11.0.1
Impact: Processing a maliciously crafted audio file may lead to
arbitrary code execution
Description: An out-of-bounds write issue was addressed with improved
bounds checking.
CVE-2020-27948: JunDong Xie of Ant Security Light-Year Lab
CoreAudio
Available for: macOS Mojave 10.14.6, macOS Catalina 10.15.7
Impact: Processing a maliciously crafted audio file may lead to
arbitrary code execution
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2020-9960: JunDong Xie and XingWei Lin of Ant Security Light-Year
Lab
CVE-2020-27908: JunDong Xie and XingWei Lin of Ant Security Light-
Year Lab
CoreAudio
Available for: macOS Mojave 10.14.6, macOS Catalina 10.15.7
Impact: Processing a maliciously crafted audio file may lead to
arbitrary code execution
Description: An out-of-bounds write was addressed with improved input
validation.
CVE-2020-10017: Francis working with Trend Micro Zero Day Initiative,
JunDong Xie of Ant Security Light-Year Lab
CoreText
Available for: macOS Mojave 10.14.6, macOS Catalina 10.15.7
Impact: Processing a maliciously crafted font file may lead to
arbitrary code execution
Description: A logic issue was addressed with improved state
management.
CVE-2020-27922: Mickey Jin of Trend Micro
FontParser
Available for: macOS Big Sur 11.0.1
Impact: Processing a maliciously crafted font may result in the
disclosure of process memory
Description: An information disclosure issue was addressed with
improved state management.
CVE-2020-27946: Mateusz Jurczyk of Google Project Zero
FontParser
Available for: macOS Mojave 10.14.6, macOS Catalina 10.15.7
Impact: Processing a maliciously crafted image may lead to arbitrary
code execution
Description: A buffer overflow was addressed with improved size
validation.
CVE-2020-9962: Yiğit Can YILMAZ (@yilmazcanyigit)
FontParser
Available for: macOS Mojave 10.14.6, macOS Catalina 10.15.7
Impact: Processing a maliciously crafted font file may lead to
arbitrary code execution
Description: An out-of-bounds write was addressed with improved input
validation.
CVE-2020-27952: an anonymous researcher, Mickey Jin and Junzhi Lu of
Trend Micro
FontParser
Available for: macOS Mojave 10.14.6, macOS Catalina 10.15.7
Impact: Processing a maliciously crafted font file may lead to
arbitrary code execution
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2020-9956: Mickey Jin and Junzhi Lu of Trend Micro Mobile
Security Research Team working with Trend Micro’s Zero Day Initiative
FontParser
Available for: macOS Mojave 10.14.6, macOS Catalina 10.15.7, macOS
Big Sur 11.0.1
Impact: Processing a maliciously crafted font file may lead to
arbitrary code execution
Description: A memory corruption issue existed in the processing of
font files. This issue was addressed with improved input validation.
CVE-2020-27931: Apple
CVE-2020-27943: Mateusz Jurczyk of Google Project Zero
CVE-2020-27944: Mateusz Jurczyk of Google Project Zero
Foundation
Available for: macOS Mojave 10.14.6, macOS Catalina 10.15.7
Impact: A local user may be able to read arbitrary files
Description: A logic issue was addressed with improved state
management.
CVE-2020-10002: James Hutchins
Graphics Drivers
Available for: macOS Mojave 10.14.6, macOS Catalina 10.15.7, macOS
Big Sur 11.0.1
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
input validation.
CVE-2020-27947: ABC Research s.r.o. working with Trend Micro Zero Day
Initiative
Graphics Drivers
Available for: macOS Mojave 10.14.6, macOS Catalina 10.15.7, macOS
Big Sur 11.0.1
Impact: A malicious application may be able to execute arbitrary code
with system privileges
Description: An out-of-bounds write issue was addressed with improved
bounds checking.
CVE-2020-29612: ABC Research s.r.o. working with Trend Micro Zero Day
Initiative
HomeKit
Available for: macOS Mojave 10.14.6, macOS Catalina 10.15.7
Impact: An attacker in a privileged network position may be able to
unexpectedly alter application state
Description: This issue was addressed with improved setting
propagation.
CVE-2020-9978: Luyi Xing, Dongfang Zhao, and Xiaofeng Wang of Indiana
University Bloomington, Yan Jia of Xidian University and University
of Chinese Academy of Sciences, and Bin Yuan of HuaZhong University
of Science and Technology
Image Processing
Available for: macOS Mojave 10.14.6, macOS Catalina 10.15.7
Impact: Processing a maliciously crafted image may lead to arbitrary
code execution
Description: An out-of-bounds write was addressed with improved input
validation.
CVE-2020-27919: Hou JingYi (@hjy79425575) of Qihoo 360 CERT, Xingwei
Lin of Ant Security Light-Year Lab
ImageIO
Available for: macOS Big Sur 11.0.1
Impact: Processing a maliciously crafted image may lead to arbitrary
code execution
Description: A memory corruption issue was addressed with improved
input validation.
CVE-2020-29616: zhouat working with Trend Micro Zero Day Initiative
ImageIO
Available for: macOS Mojave 10.14.6, macOS Catalina 10.15.7, macOS
Big Sur 11.0.1
Impact: Processing a maliciously crafted image may lead to arbitrary
code execution
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2020-27924: Lei Sun
CVE-2020-29618: XingWei Lin of Ant Security Light-Year Lab
ImageIO
Available for: macOS Mojave 10.14.6, macOS Catalina 10.15.7, macOS
Big Sur 11.0.1
Impact: Processing a maliciously crafted image may lead to arbitrary
code execution
Description: An out-of-bounds write issue was addressed with improved
bounds checking.
CVE-2020-29611: Ivan Fratric of Google Project Zero
ImageIO
Available for: macOS Mojave 10.14.6, macOS Catalina 10.15.7, macOS
Big Sur 11.0.1
Impact: Processing a maliciously crafted image may lead to heap
corruption
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2020-29617: XingWei Lin of Ant Security Light-Year Lab
CVE-2020-29619: XingWei Lin of Ant Security Light-Year Lab
ImageIO
Available for: macOS Mojave 10.14.6, macOS Catalina 10.15.7
Impact: Processing a maliciously crafted image may lead to arbitrary
code execution
Description: An out-of-bounds write was addressed with improved input
validation.
CVE-2020-27912: Xingwei Lin of Ant Security Light-Year Lab
CVE-2020-27923: Lei Sun
Intel Graphics Driver
Available for: macOS Mojave 10.14.6, macOS Catalina 10.15.7
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: An out-of-bounds write issue was addressed with improved
bounds checking.
CVE-2020-10015: ABC Research s.r.o. working with Trend Micro Zero Day
Initiative
CVE-2020-27897: Xiaolong Bai and Min (Spark) Zheng of Alibaba Inc.
and Luyi Xing of Indiana University Bloomington
Intel Graphics Driver
Available for: macOS Mojave 10.14.6, macOS Catalina 10.15.7
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
memory handling.
CVE-2020-27907: ABC Research s.r.o. working with Trend Micro Zero Day
Initiative
Kernel
Available for: macOS Mojave 10.14.6, macOS Catalina 10.15.7
Impact: A malicious application may be able to determine kernel
memory layout
Description: A logic issue was addressed with improved state
management.
CVE-2020-9974: Tommy Muir (@Muirey03)
Kernel
Available for: macOS Mojave 10.14.6, macOS Catalina 10.15.7
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A memory corruption issue was addressed with improved
state management.
CVE-2020-10016: Alex Helie
Kernel
Available for: macOS Mojave 10.14.6, macOS Catalina 10.15.7
Impact: A remote attacker may be able to cause unexpected system
termination or corrupt kernel memory
Description: Multiple memory corruption issues were addressed with
improved input validation.
CVE-2020-9967: Alex Plaskett (@alexjplaskett)
Kernel
Available for: macOS Mojave 10.14.6, macOS Catalina 10.15.7
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A use after free issue was addressed with improved
memory management.
CVE-2020-9975: Tielei Wang of Pangu Lab
Kernel
Available for: macOS Mojave 10.14.6, macOS Catalina 10.15.7
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A race condition was addressed with improved state
handling.
CVE-2020-27921: Linus Henze (pinauten.de)
Kernel
Available for: macOS Mojave 10.14.6, macOS Catalina 10.15.7, macOS
Big Sur 11.0.1
Impact: A malicious application may cause unexpected changes in
memory belonging to processes traced by DTrace
Description: This issue was addressed with improved checks to prevent
unauthorized actions.
CVE-2020-27949: Steffen Klee (@_kleest) of TU Darmstadt, Secure
Mobile Networking Lab
Kernel
Available for: macOS Big Sur 11.0.1
Impact: A malicious application may be able to elevate privileges
Description: This issue was addressed with improved entitlements.
CVE-2020-29620: Csaba Fitzl (@theevilbit) of Offensive Security
libxml2
Available for: macOS Mojave 10.14.6, macOS Catalina 10.15.7
Impact: A remote attacker may be able to cause unexpected application
termination or arbitrary code execution
Description: An integer overflow was addressed through improved input
validation.
CVE-2020-27911: found by OSS-Fuzz
libxml2
Available for: macOS Mojave 10.14.6, macOS Catalina 10.15.7
Impact: Processing maliciously crafted web content may lead to code
execution
Description: A use after free issue was addressed with improved
memory management.
CVE-2020-27920: found by OSS-Fuzz
libxml2
Available for: macOS Mojave 10.14.6, macOS Catalina 10.15.7
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A use after free issue was addressed with improved
memory management.
CVE-2020-27926: found by OSS-Fuzz
libxpc
Available for: macOS Mojave 10.14.6, macOS Catalina 10.15.7
Impact: A malicious application may be able to break out of its
sandbox
Description: A parsing issue in the handling of directory paths was
addressed with improved path validation.
CVE-2020-10014: Zhipeng Huo (@R3dF09) of Tencent Security Xuanwu Lab
Logging
Available for: macOS Mojave 10.14.6, macOS Catalina 10.15.7
Impact: A local attacker may be able to elevate their privileges
Description: A path handling issue was addressed with improved
validation.
CVE-2020-10010: Tommy Muir (@Muirey03)
Model I/O
Available for: macOS Mojave 10.14.6, macOS Catalina 10.15.7
Impact: Processing a maliciously crafted USD file may lead to
unexpected application termination or arbitrary code execution
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2020-13524: Aleksandar Nikolic of Cisco Talos
Model I/O
Available for: macOS Mojave 10.14.6, macOS Catalina 10.15.7
Impact: Opening a maliciously crafted file may lead to unexpected
application termination or arbitrary code execution
Description: A logic issue was addressed with improved state
management.
CVE-2020-10004: Aleksandar Nikolic of Cisco Talos
NSRemoteView
Available for: macOS Mojave 10.14.6, macOS Catalina 10.15.7
Impact: A sandboxed process may be able to circumvent sandbox
restrictions
Description: A logic issue was addressed with improved restrictions.
CVE-2020-27901: Thijs Alkemade of Computest Research Division
Power Management
Available for: macOS Mojave 10.14.6, macOS Catalina 10.15.7
Impact: A malicious application may be able to determine kernel
memory layout
Description: A logic issue was addressed with improved state
management.
CVE-2020-10007: singi@theori working with Trend Micro Zero Day
Initiative
Quick Look
Available for: macOS Mojave 10.14.6, macOS Catalina 10.15.7
Impact: Processing a maliciously crafted document may lead to a cross
site scripting attack
Description: An access issue was addressed with improved access
restrictions.
CVE-2020-10012: Heige of KnownSec 404 Team (knownsec.com) and Bo Qu
of Palo Alto Networks (paloaltonetworks.com)
Ruby
Available for: macOS Mojave 10.14.6, macOS Catalina 10.15.7
Impact: A remote attacker may be able to modify the file system
Description: A path handling issue was addressed with improved
validation.
CVE-2020-27896: an anonymous researcher
System Preferences
Available for: macOS Mojave 10.14.6, macOS Catalina 10.15.7
Impact: A sandboxed process may be able to circumvent sandbox
restrictions
Description: A logic issue was addressed with improved state
management.
CVE-2020-10009: Thijs Alkemade of Computest Research Division
WebRTC
Available for: macOS Big Sur 11.0.1
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A use after free issue was addressed with improved
memory management.
CVE-2020-15969: an anonymous researcher
Wi-Fi
Available for: macOS Mojave 10.14.6, macOS Catalina 10.15.7
Impact: An attacker may be able to bypass Managed Frame Protection
Description: A denial of service issue was addressed with improved
state handling.
CVE-2020-27898: Stephan Marais of University of Johannesburg
Installation note:
macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security
Update 2020-007 Mojave may be obtained from the Mac App Store or
Apple's Software Downloads web site:
https://support.apple.com/downloads/
Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEbURczHs1TP07VIfuZcsbuWJ6jjAFAl/YBj8ACgkQZcsbuWJ6
jjCVjw//QGrhMvU+nyuS1UwWs7rcqDJDNh0Zb7yUJali2Bdc9/l++i2pLFbmAwes
7AYCag+T3h3aP7YJAN13zb8KBmUcmnWkWupfx8kEGqHxSXnQTXvaEI59RyCobOCj
OVPtboPMH1d94+6dABMp9kiLAHoZezm3hdF8ShT2Hqgq2TB16wZsa/EvhJVSaduA
7RttG6EHBTin6UU3M/+vcfJWqkg4O0YuZpQaconDa5Pd81jpUMeduzfRvS5i+PVS
cehtHPWjCN15+sQ29q11yhP3v+sYh0DJEl2LWaBnDo2TlC1gHx70H5ZsAFLHChcd
rXkl1tm6GV3UWVhFq0jQc1DP+IwbuL6jHI/wIjYx7itk9XECppyhhiuImOaLiIUH
CBgAjwVHY1GUdTH97iPEQFF61v3sjpRLleLMZW7+9ZTt4pEDwMVHk9vKgVK5BUa6
lrKWtBHL3AtaXtxC9y8XGe3IYEBLAszHMUJfF1BR+D/niDRlztvoj72/3PPwtk2t
tuUE9RGzpSXCQ1CX6vW7zS2ddVmQfJqcPX721k4OVpFNlMXkjZkm2Q/xwr5qq99v
Up9BA+ITksthGYfGAY5bBV1LsjK1NtdNHQGpZe4l9bu4ONgUvmL8iBb/LnS6wKB1
HGcdHEmXvbx+Akl/fvTdG8RSvyoYuFJHkuYv0DMWiri8yN1q+C4=
=osnP
-----END PGP SIGNATURE-----
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Security-announce mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden