APPLE-SA-2021-02-01-1 macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave
APPLE-SA-2021-02-01-1 macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave
- Subject: APPLE-SA-2021-02-01-1 macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave
- From: Apple Product Security via Security-announce <email@hidden>
- Date: Mon, 01 Feb 2021 14:55:14 -0800
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
APPLE-SA-2021-02-01-1 macOS Big Sur 11.2, Security Update 2021-001
Catalina, Security Update 2021-001 Mojave
macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security
Update 2021-001 Mojave addresses the following issues. Information
about the security content is also available at
https://support.apple.com/HT212147.
Analytics
Available for: macOS Big Sur 11.0.1, macOS Catalina 10.15.7, and
macOS Mojave 10.14.6
Impact: A remote attacker may be able to cause a denial of service
Description: This issue was addressed with improved checks.
CVE-2021-1761: Cees Elzinga
APFS
Available for: macOS Big Sur 11.0.1
Impact: A local user may be able to read arbitrary files
Description: The issue was addressed with improved permissions logic.
CVE-2021-1797: Thomas Tempelmann
CFNetwork Cache
Available for: macOS Catalina 10.15.7 and macOS Mojave 10.14.6
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: An integer overflow was addressed with improved input
validation.
CVE-2020-27945: Zhuo Liang of Qihoo 360 Vulcan Team
CoreAnimation
Available for: macOS Big Sur 11.0.1
Impact: A malicious application could execute arbitrary code leading
to compromise of user information
Description: A memory corruption issue was addressed with improved
state management.
CVE-2021-1760: @S0rryMybad of 360 Vulcan Team
CoreAudio
Available for: macOS Big Sur 11.0.1
Impact: Processing maliciously crafted web content may lead to code
execution
Description: An out-of-bounds write was addressed with improved input
validation.
CVE-2021-1747: JunDong Xie of Ant Security Light-Year Lab
CoreGraphics
Available for: macOS Big Sur 11.0.1, macOS Catalina 10.15.7, and
macOS Mojave 10.14.6
Impact: Processing a maliciously crafted font file may lead to
arbitrary code execution
Description: An out-of-bounds write issue was addressed with improved
bounds checking.
CVE-2021-1776: Ivan Fratric of Google Project Zero
CoreMedia
Available for: macOS Big Sur 11.0.1
Impact: Processing a maliciously crafted image may lead to arbitrary
code execution
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2021-1759: Hou JingYi (@hjy79425575) of Qihoo 360 CERT
CoreText
Available for: macOS Big Sur 11.0.1, macOS Catalina 10.15.7, and
macOS Mojave 10.14.6
Impact: Processing a maliciously crafted text file may lead to
arbitrary code execution
Description: A stack overflow was addressed with improved input
validation.
CVE-2021-1772: Mickey Jin of Trend Micro working with Trend Micro’s
Zero Day Initiative
CoreText
Available for: macOS Big Sur 11.0.1, macOS Catalina 10.15.7, and
macOS Mojave 10.14.6
Impact: A remote attacker may be able to cause arbitrary code
execution
Description: An out-of-bounds read was addressed with improved bounds
checking.
CVE-2021-1792: Mickey Jin & Junzhi Lu of Trend Micro working with
Trend Micro’s Zero Day Initiative
Crash Reporter
Available for: macOS Catalina 10.15.7
Impact: A remote attacker may be able to cause a denial of service
Description: This issue was addressed with improved checks.
CVE-2021-1761: Cees Elzinga
Crash Reporter
Available for: macOS Big Sur 11.0.1, macOS Catalina 10.15.7, and
macOS Mojave 10.14.6
Impact: A local attacker may be able to elevate their privileges
Description: Multiple issues were addressed with improved logic.
CVE-2021-1787: James Hutchins
Crash Reporter
Available for: macOS Big Sur 11.0.1, macOS Catalina 10.15.7, and
macOS Mojave 10.14.6
Impact: A local user may be able to create or modify system files
Description: A logic issue was addressed with improved state
management.
CVE-2021-1786: Csaba Fitzl (@theevilbit) of Offensive Security
Directory Utility
Available for: macOS Catalina 10.15.7
Impact: A malicious application may be able to access private
information
Description: A logic issue was addressed with improved state
management.
CVE-2020-27937: Wojciech Reguła (@_r3ggi) of SecuRing
Endpoint Security
Available for: macOS Catalina 10.15.7
Impact: A local attacker may be able to elevate their privileges
Description: A logic issue was addressed with improved state
management.
CVE-2021-1802: Zhongcheng Li (@CK01) from WPS Security Response
Center
FairPlay
Available for: macOS Big Sur 11.0.1
Impact: A malicious application may be able to disclose kernel memory
Description: An out-of-bounds read issue existed that led to the
disclosure of kernel memory. This was addressed with improved input
validation.
CVE-2021-1791: Junzhi Lu (@pwn0rz), Qi Sun & Mickey Jin of Trend
Micro working with Trend Micro’s Zero Day Initiative
FontParser
Available for: macOS Catalina 10.15.7
Impact: Processing a maliciously crafted font may lead to arbitrary
code execution
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2021-1790: Peter Nguyen Vu Hoang of STAR Labs
FontParser
Available for: macOS Mojave 10.14.6
Impact: Processing a maliciously crafted font may lead to arbitrary
code execution
Description: This issue was addressed by removing the vulnerable
code.
CVE-2021-1775: Mickey Jin and Qi Sun of Trend Micro
FontParser
Available for: macOS Mojave 10.14.6
Impact: A remote attacker may be able to leak memory
Description: An out-of-bounds read was addressed with improved bounds
checking.
CVE-2020-29608: Xingwei Lin of Ant Security Light-Year Lab
FontParser
Available for: macOS Big Sur 11.0.1 and macOS Catalina 10.15.7
Impact: A remote attacker may be able to cause arbitrary code
execution
Description: An out-of-bounds read was addressed with improved bounds
checking.
CVE-2021-1758: Peter Nguyen of STAR Labs
ImageIO
Available for: macOS Big Sur 11.0.1
Impact: Processing a maliciously crafted image may lead to arbitrary
code execution
Description: An access issue was addressed with improved memory
management.
CVE-2021-1783: Xingwei Lin of Ant Security Light-Year Lab
ImageIO
Available for: macOS Big Sur 11.0.1
Impact: Processing a maliciously crafted image may lead to arbitrary
code execution
Description: An out-of-bounds read was addressed with improved bounds
checking.
CVE-2021-1741: Xingwei Lin of Ant Security Light-Year Lab
CVE-2021-1743: Mickey Jin & Junzhi Lu of Trend Micro working with
Trend Micro’s Zero Day Initiative, Xingwei Lin of Ant Security Light-
Year Lab
ImageIO
Available for: macOS Big Sur 11.0.1
Impact: Processing a maliciously crafted image may lead to a denial
of service
Description: A logic issue was addressed with improved state
management.
CVE-2021-1773: Xingwei Lin of Ant Security Light-Year Lab
ImageIO
Available for: macOS Big Sur 11.0.1
Impact: Processing a maliciously crafted image may lead to a denial
of service
Description: An out-of-bounds read issue existed in the curl. This
issue was addressed with improved bounds checking.
CVE-2021-1778: Xingwei Lin of Ant Security Light-Year Lab
ImageIO
Available for: macOS Big Sur 11.0.1 and macOS Catalina 10.15.7
Impact: Processing a maliciously crafted image may lead to arbitrary
code execution
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2021-1736: Xingwei Lin of Ant Security Light-Year Lab
CVE-2021-1785: Xingwei Lin of Ant Security Light-Year Lab
ImageIO
Available for: macOS Big Sur 11.0.1, macOS Catalina 10.15.7, and
macOS Mojave 10.14.6
Impact: Processing a maliciously crafted image may lead to a denial
of service
Description: This issue was addressed with improved checks.
CVE-2021-1766: Danny Rosseau of Carve Systems
ImageIO
Available for: macOS Big Sur 11.0.1 and macOS Catalina 10.15.7
Impact: A remote attacker may be able to cause unexpected application
termination or arbitrary code execution
Description: A logic issue was addressed with improved state
management.
CVE-2021-1818: Xingwei Lin from Ant-Financial Light-Year Security Lab
ImageIO
Available for: macOS Big Sur 11.0.1 and macOS Catalina 10.15.7
Impact: Processing a maliciously crafted image may lead to arbitrary
code execution
Description: This issue was addressed with improved checks.
CVE-2021-1742: Xingwei Lin of Ant Security Light-Year Lab
CVE-2021-1746: Mickey Jin & Qi Sun of Trend Micro, Xingwei Lin of Ant
Security Light-Year Lab
CVE-2021-1754: Xingwei Lin of Ant Security Light-Year Lab
CVE-2021-1774: Xingwei Lin of Ant Security Light-Year Lab
CVE-2021-1777: Xingwei Lin of Ant Security Light-Year Lab
CVE-2021-1793: Xingwei Lin of Ant Security Light-Year Lab
ImageIO
Available for: macOS Big Sur 11.0.1 and macOS Catalina 10.15.7
Impact: Processing a maliciously crafted image may lead to arbitrary
code execution
Description: An out-of-bounds write was addressed with improved input
validation.
CVE-2021-1737: Xingwei Lin of Ant Security Light-Year Lab
CVE-2021-1738: Lei Sun
CVE-2021-1744: Xingwei Lin of Ant Security Light-Year Lab
IOKit
Available for: macOS Big Sur 11.0.1
Impact: An application may be able to execute arbitrary code with
system privileges
Description: A logic error in kext loading was addressed with
improved state handling.
CVE-2021-1779: Csaba Fitzl (@theevilbit) of Offensive Security
IOSkywalkFamily
Available for: macOS Big Sur 11.0.1
Impact: A local attacker may be able to elevate their privileges
Description: An out-of-bounds read was addressed with improved bounds
checking.
CVE-2021-1757: Pan ZhenPeng (@Peterpan0927) of Alibaba Security,
Proteas
Kernel
Available for: macOS Catalina 10.15.7 and macOS Mojave 10.14.6
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: A logic issue existed resulting in memory corruption.
This was addressed with improved state management.
CVE-2020-27904: Zuozhi Fan (@pattern_F_) of Ant Group Tianqiong
Security Lab
Kernel
Available for: macOS Big Sur 11.0.1
Impact: A remote attacker may be able to cause a denial of service
Description: A use after free issue was addressed with improved
memory management.
CVE-2021-1764: @m00nbsd
Kernel
Available for: macOS Big Sur 11.0.1, macOS Catalina 10.15.7, and
macOS Mojave 10.14.6
Impact: A malicious application may be able to elevate privileges.
Apple is aware of a report that this issue may have been actively
exploited.
Description: A race condition was addressed with improved locking.
CVE-2021-1782: an anonymous researcher
Kernel
Available for: macOS Big Sur 11.0.1, macOS Catalina 10.15.7, and
macOS Mojave 10.14.6
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: Multiple issues were addressed with improved logic.
CVE-2021-1750: @0xalsr
Login Window
Available for: macOS Big Sur 11.0.1, macOS Catalina 10.15.7, and
macOS Mojave 10.14.6
Impact: An attacker in a privileged network position may be able to
bypass authentication policy
Description: An authentication issue was addressed with improved
state management.
CVE-2020-29633: Jewel Lambert of Original Spin, LLC.
Messages
Available for: macOS Big Sur 11.0.1, macOS Catalina 10.15.7, and
macOS Mojave 10.14.6
Impact: A user that is removed from an iMessage group could rejoin
the group
Description: This issue was addressed with improved checks.
CVE-2021-1771: Shreyas Ranganatha (@strawsnoceans)
Model I/O
Available for: macOS Big Sur 11.0.1
Impact: Processing a maliciously crafted USD file may lead to
unexpected application termination or arbitrary code execution
Description: An out-of-bounds write was addressed with improved input
validation.
CVE-2021-1762: Mickey Jin of Trend Micro
Model I/O
Available for: macOS Catalina 10.15.7
Impact: Processing a maliciously crafted file may lead to heap
corruption
Description: This issue was addressed with improved checks.
CVE-2020-29614: ZhiWei Sun (@5n1p3r0010) from Topsec Alpha Lab
Model I/O
Available for: macOS Big Sur 11.0.1, macOS Catalina 10.15.7, and
macOS Mojave 10.14.6
Impact: Processing a maliciously crafted USD file may lead to
unexpected application termination or arbitrary code execution
Description: A buffer overflow was addressed with improved bounds
checking.
CVE-2021-1763: Mickey Jin of Trend Micro working with Trend Micro’s
Zero Day Initiative
Model I/O
Available for: macOS Big Sur 11.0.1, macOS Catalina 10.15.7, and
macOS Mojave 10.14.6
Impact: Processing a maliciously crafted image may lead to heap
corruption
Description: This issue was addressed with improved checks.
CVE-2021-1767: Mickey Jin & Junzhi Lu of Trend Micro working with
Trend Micro’s Zero Day Initiative
Model I/O
Available for: macOS Big Sur 11.0.1, macOS Catalina 10.15.7, and
macOS Mojave 10.14.6
Impact: Processing a maliciously crafted USD file may lead to
unexpected application termination or arbitrary code execution
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2021-1745: Mickey Jin & Junzhi Lu of Trend Micro working with
Trend Micro’s Zero Day Initiative
Model I/O
Available for: macOS Big Sur 11.0.1, macOS Catalina 10.15.7, and
macOS Mojave 10.14.6
Impact: Processing a maliciously crafted image may lead to arbitrary
code execution
Description: An out-of-bounds read was addressed with improved bounds
checking.
CVE-2021-1753: Mickey Jin of Trend Micro working with Trend Micro’s
Zero Day Initiative
Model I/O
Available for: macOS Big Sur 11.0.1, macOS Catalina 10.15.7, and
macOS Mojave 10.14.6
Impact: Processing a maliciously crafted USD file may lead to
unexpected application termination or arbitrary code execution
Description: An out-of-bounds read was addressed with improved bounds
checking.
CVE-2021-1768: Mickey Jin & Junzhi Lu of Trend Micro working with
Trend Micro’s Zero Day Initiative
NetFSFramework
Available for: macOS Big Sur 11.0.1, macOS Catalina 10.15.7, and
macOS Mojave 10.14.6
Impact: Mounting a maliciously crafted Samba network share may lead
to arbitrary code execution
Description: A logic issue was addressed with improved state
management.
CVE-2021-1751: Mikko Kenttälä (@Turmio_) of SensorFu
OpenLDAP
Available for: macOS Big Sur 11.0.1, macOS Catalina 10.15.7, and
macOS Mojave 10.14.6
Impact: A remote attacker may be able to cause a denial of service
Description: This issue was addressed with improved checks.
CVE-2020-25709
Power Management
Available for: macOS Mojave 10.14.6, macOS Catalina 10.15.7
Impact: A malicious application may be able to elevate privileges
Description: A logic issue was addressed with improved state
management.
CVE-2020-27938: Tim Michaud (@TimGMichaud) of Leviathan
Screen Sharing
Available for: macOS Big Sur 11.0.1
Impact: Multiple issues in pcre
Description: Multiple issues were addressed by updating to version
8.44.
CVE-2019-20838
CVE-2020-14155
SQLite
Available for: macOS Catalina 10.15.7
Impact: Multiple issues in SQLite
Description: Multiple issues were addressed by updating SQLite to
version 3.32.3.
CVE-2020-15358
Swift
Available for: macOS Big Sur 11.0.1
Impact: A malicious attacker with arbitrary read and write capability
may be able to bypass Pointer Authentication
Description: A logic issue was addressed with improved validation.
CVE-2021-1769: CodeColorist of Ant-Financial Light-Year Labs
WebKit
Available for: macOS Big Sur 11.0.1
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A use after free issue was addressed with improved
memory management.
CVE-2021-1788: Francisco Alonso (@revskills)
WebKit
Available for: macOS Big Sur 11.0.1
Impact: Maliciously crafted web content may violate iframe sandboxing
policy
Description: This issue was addressed with improved iframe sandbox
enforcement.
CVE-2021-1765: Eliya Stein of Confiant
CVE-2021-1801: Eliya Stein of Confiant
WebKit
Available for: macOS Big Sur 11.0.1
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A type confusion issue was addressed with improved state
handling.
CVE-2021-1789: @S0rryMybad of 360 Vulcan Team
WebKit
Available for: macOS Big Sur 11.0.1
Impact: A remote attacker may be able to cause arbitrary code
execution. Apple is aware of a report that this issue may have been
actively exploited.
Description: A logic issue was addressed with improved restrictions.
CVE-2021-1871: an anonymous researcher
CVE-2021-1870: an anonymous researcher
WebRTC
Available for: macOS Big Sur 11.0.1
Impact: A malicious website may be able to access restricted ports on
arbitrary servers
Description: A port redirection issue was addressed with additional
port validation.
CVE-2021-1799: Gregory Vishnepolsky & Ben Seri of Armis Security, and
Samy Kamkar
Additional recognition
Kernel
We would like to acknowledge Junzhi Lu (@pwn0rz), Mickey Jin & Jesse
Change of Trend Micro for their assistance.
libpthread
We would like to acknowledge CodeColorist of Ant-Financial Light-Year
Labs for their assistance.
Login Window
We would like to acknowledge Jose Moises Romero-Villanueva of
CrySolve for their assistance.
Mail Drafts
We would like to acknowledge Jon Bottarini of HackerOne for their
assistance.
Screen Sharing Server
We would like to acknowledge @gorelics for their assistance.
WebRTC
We would like to acknowledge Philipp Hancke for their assistance.
This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEbURczHs1TP07VIfuZcsbuWJ6jjAFAmAYgrkACgkQZcsbuWJ6
jjATvhAAmcspGY8ZHJcSUGr9mysz5iT9oGkZcvFa8kcJsFAvFb9Wjz0M2eovBXQc
D9bD7LrUpodiqkSobB4bEevpD9P8E/T/eRSBxjomKLv5DKHPT4eh/K2EU6R6ubVi
GGNlT9DJrIxcTJIB2y/yfs8msV2w2/gZDLKJZP4Zh6t8G1sjI17iEaxpOph67aq2
X0d+P7+7q1mUBa47JEQ+HIUNlfHtBL825cnmHD2Vn1WELQLKZfXBl+nPM9l9naRc
3vYIvR7xJ5c4bqFx7N9xwGdQ5TRIoDijqADwggGwOZEiVZ7PWifj/iCLUz4Ks4hr
oGVE1UxN1oSX63D44ZQyfiyIWIiMtDV9V4J6mUoUnZ6RTTMoRRAF9DcSVF5/wmHk
odYnMeouHc543ZyVBtdtwJ/tbuBvTOjzpNn0+UgiyRL9wG/xxQq+gB4vwgSEviek
bBhyvdxLVWW0ULwFeN5rI5bCQBkv6BB9OSyhD6sMRrp59NAgBBS2nstZG1RAt7XL
2KZ1GpoNcuDRLj7ElxAfeJuPM1dFVTK48SH56M1FElz/QowZVOXyKgUoaeVTUyAC
3WOACmFAosFIclCbr8z8yGynX2bsCGBNKv4pKoHlyZCyFHCQw9L6uR2gRkOp86+M
iqHtE2L1WUZvUMCIKxfdixILEfoacSVCxr3+v4SSDOcEbSDYEIA=
=mUkG
-----END PGP SIGNATURE-----
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Security-announce mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden