CVE-2021-30869
24.08.2021, 19:15
A type confusion issue was addressed with improved state handling. This issue is fixed in iOS 12.5.5, iOS 14.4 and iPadOS 14.4, macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, Security Update 2021-006 Catalina. A malicious application may be able to execute arbitrary code with kernel privileges. Apple is aware of reports that an exploit for this issue exists in the wild.
| Vendor | Product | Version |
|---|---|---|
| apple | ipados | 𝑥 < 14.4 |
| apple | iphone_os | 12.0 ≤ 𝑥 < 12.5.5 |
| apple | iphone_os | 14.0 ≤ 𝑥 < 14.4 |
| apple | mac_os_x | 10.14 ≤ 𝑥 ≤ 10.14.6 |
| apple | mac_os_x | 10.15 ≤ 𝑥 ≤ 10.15.6 |
| apple | mac_os_x | 10.14.6:security_update_2019-001 |
| apple | mac_os_x | 10.14.6:security_update_2019-002 |
| apple | mac_os_x | 10.14.6:security_update_2019-004 |
| apple | mac_os_x | 10.14.6:security_update_2019-005 |
| apple | mac_os_x | 10.14.6:security_update_2019-006 |
| apple | mac_os_x | 10.14.6:security_update_2019-007 |
| apple | mac_os_x | 10.14.6:security_update_2020-001 |
| apple | mac_os_x | 10.14.6:security_update_2020-002 |
| apple | mac_os_x | 10.14.6:security_update_2020-003 |
| apple | mac_os_x | 10.14.6:security_update_2020-004 |
| apple | mac_os_x | 10.14.6:security_update_2020-005 |
| apple | mac_os_x | 10.14.6:security_update_2020-006 |
| apple | mac_os_x | 10.14.6:security_update_2020-007 |
| apple | mac_os_x | 10.15.7 |
| apple | mac_os_x | 10.15.7:security_update_2020 |
| apple | mac_os_x | 10.15.7:security_update_2020-001 |
| apple | mac_os_x | 10.15.7:security_update_2020-005 |
| apple | mac_os_x | 10.15.7:security_update_2020-007 |
| apple | mac_os_x | 10.15.7:security_update_2021-002 |
| apple | mac_os_x | 10.15.7:security_update_2021-003 |
| apple | mac_os_x | 10.15.7:security_update_2021-004 |
| apple | mac_os_x | 10.15.7:security_update_2021-005 |
| apple | mac_os_x | 10.15.7:supplemental_update |
| apple | macos | 11.0 ≤ 𝑥 < 11.2 |
𝑥
= Vulnerable software versions
References