With all the attention on Monterey, you might have missed the latest update to macOS Big Sur. Apple has recently released version 11.6.1 of the operating system. It resolves a number of security concerns, including one that would allow a maliciously-crafted PDF permission to run code you don’t want it to.
The Security Patches in macOS Big Sur 11.6.1
Here’s a list of the security fixes within the latest version of Big Sur.
AppleScript
Impact: Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process memory
Description: An out-of-bounds read was addressed with improved bounds checking.
CVE-2021-30876 and CVE-2021-30879: Jeremy Brown, hjy79425575
CVE-2021-30877 and CVE-2021-30880: Jeremy Brown
Audio
Impact: A malicious application may be able to elevate privileges
Description: An integer overflow was addressed through improved input validation.
CVE-2021-30907: Zweig of Kunlun Lab
Bluetooth
Impact: A malicious application may be able to execute arbitrary code with kernel privileges
Description: A race condition was addressed with improved state handling.
CVE-2021-30899: Weiteng Chen; Zheng Zhang; and Zhiyun Qian of UC Riverside, and Yu Wang of Didi Research America
ColorSync
Impact: Processing a maliciously crafted image may lead to arbitrary code execution
Description: A memory corruption issue existed in the processing of ICC profiles. This issue was addressed with improved input validation.
CVE-2021-30917: Alexandru-Vlad Niculae and Mateusz Jurczyk of Google Project Zero
CoreGraphics
Impact: Processing a maliciously crafted PDF may lead to arbitrary code execution
Description: An out-of-bounds write was addressed with improved input validation.
CVE-2021-30919
FileProvider
Impact: Unpacking a maliciously crafted archive may lead to arbitrary code execution
Description: An input validation issue was addressed with improved memory handling.
CVE-2021-30881: Simon Huang and pjf of IceSword Lab of Qihoo 360
iCloud
Impact: A local attacker may be able to elevate their privileges
Description: This issue was addressed with improved checks.
CVE-2021-30906: Cees Elzinga
Intel Graphics Driver
Issue #1:
Impact: A malicious application may be able to execute arbitrary code with kernel privileges
Description: A memory corruption issue was addressed with improved state management.
CVE-2021-30824: Antonio Zekic of Diverto
Issue #2:
Impact: A malicious application may be able to execute arbitrary code with kernel privileges
Description: Multiple out-of-bounds write issues were addressed with improved bounds checking.
CVE-2021-30901: Zuozhi Fan of Ant Security TianQiong Lab, Yinyi Wu, Jack Dates of RET2 Systems, Inc.
IOGraphics
Impact: A malicious application may be able to execute arbitrary code with kernel privileges
Description: A memory corruption issue was addressed with improved memory handling.
CVE-2021-30821: Tim Michaud of Zoom Video Communications
IOMobileFrameBuffer
Impact: An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited.
Description: A memory corruption issue was addressed with improved memory handling.
CVE-2021-30883: an anonymous researcher
Kernel
Issue #1:
Impact: An application may be able to execute arbitrary code with kernel privileges
Description: A memory corruption issue was addressed with improved memory handling.
CVE-2021-30909: Zweig of Kunlun Lab
Issue #2:
Impact: A malicious application may be able to execute arbitrary code with kernel privileges
Description: A memory corruption issue was addressed with improved memory handling.
CVE-2021-30916: Zweig of Kunlun Lab
Model I/O
Issue #1:
Impact: Processing a maliciously crafted file may disclose user information
Description: An out-of-bounds read was addressed with improved bounds checking.
CVE-2021-30910: Mickey Jin of Trend Micro
Issue #2:
Impact: Processing a maliciously crafted USD file may disclose memory contents
Description: An out-of-bounds read was addressed with improved bounds checking.
CVE-2021-30911: Rui Yang and Xingwei Lin of Ant Security Light-Year Lab
SMB
Impact: A malicious application may be able to execute arbitrary code with kernel privileges
Description: A race condition was addressed with improved locking.
CVE-2021-30868: Peter Nguyen Vu Hoang of STAR Labs
SoftwareUpdate
Issue #1:
Impact: An unprivileged application may be able to edit NVRAM variables
Description: The issue was addressed with improved permissions logic.
CVE-2021-30913: Kirin and chenyuwang of Tencent Security Xuanwu Lab
Issue #2:
Impact: A malicious application may gain access to a user’s Keychain items
Description: The issue was addressed with improved permissions logic.
CVE-2021-30912: Kirin and chenyuwang of Tencent Security Xuanwu Lab
UIKit
Impact: A person with physical access to an iOS device may be able to determine characteristics of a user’s password in a secure text entry field
Description: A logic issue was addressed with improved state management.
CVE-2021-30915: Kostas Angelopoulos
Windows Server
Impact: A local attacker may be able to view the previous logged-in user’s desktop from the fast user switching screen
Description: An authentication issue was addressed with improved state management.
CVE-2021-30908: ASentientBot
zsh
Impact: A malicious application may be able to modify protected parts of the file system
Description: An inherited permissions issue was addressed with additional restrictions.
CVE-2021-30892: Jonathan Bar Or of Microsoft