macOS Big Sur 11.6.1 Fixes Many Security Woes

macOS Big Sur 11.6.1 Fixes Many Security Woes

With all the attention on Monterey, you might have missed the latest update to macOS Big Sur. Apple has recently released version 11.6.1 of the operating system. It resolves a number of security concerns, including one that would allow a maliciously-crafted PDF permission to run code you don’t want it to.

The Security Patches in macOS Big Sur 11.6.1

Here’s a list of the security fixes within the latest version of Big Sur.

AppleScript

Impact: Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process memory

Description: An out-of-bounds read was addressed with improved bounds checking.

CVE-2021-30876 and CVE-2021-30879: Jeremy Brown, hjy79425575

CVE-2021-30877 and CVE-2021-30880: Jeremy Brown

Audio

Impact: A malicious application may be able to elevate privileges

Description: An integer overflow was addressed through improved input validation.

CVE-2021-30907: Zweig of Kunlun Lab

Bluetooth

Impact: A malicious application may be able to execute arbitrary code with kernel privileges

Description: A race condition was addressed with improved state handling.

CVE-2021-30899: Weiteng Chen; Zheng Zhang; and Zhiyun Qian of UC Riverside, and Yu Wang of Didi Research America

ColorSync

Impact: Processing a maliciously crafted image may lead to arbitrary code execution

Description: A memory corruption issue existed in the processing of ICC profiles. This issue was addressed with improved input validation.

CVE-2021-30917: Alexandru-Vlad Niculae and Mateusz Jurczyk of Google Project Zero

CoreGraphics

Impact: Processing a maliciously crafted PDF may lead to arbitrary code execution

Description: An out-of-bounds write was addressed with improved input validation.

CVE-2021-30919

FileProvider

Impact: Unpacking a maliciously crafted archive may lead to arbitrary code execution

Description: An input validation issue was addressed with improved memory handling.

CVE-2021-30881: Simon Huang and pjf of IceSword Lab of Qihoo 360

iCloud

Impact: A local attacker may be able to elevate their privileges

Description: This issue was addressed with improved checks.

CVE-2021-30906: Cees Elzinga

Intel Graphics Driver

Issue #1:

Impact: A malicious application may be able to execute arbitrary code with kernel privileges

Description: A memory corruption issue was addressed with improved state management.

CVE-2021-30824: Antonio Zekic of Diverto

Issue #2:

Impact: A malicious application may be able to execute arbitrary code with kernel privileges

Description: Multiple out-of-bounds write issues were addressed with improved bounds checking.

CVE-2021-30901: Zuozhi Fan of Ant Security TianQiong Lab, Yinyi Wu, Jack Dates of RET2 Systems, Inc.

IOGraphics

Impact: A malicious application may be able to execute arbitrary code with kernel privileges

Description: A memory corruption issue was addressed with improved memory handling.

CVE-2021-30821: Tim Michaud of Zoom Video Communications

IOMobileFrameBuffer

Impact: An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited.

Description: A memory corruption issue was addressed with improved memory handling.

CVE-2021-30883: an anonymous researcher

Kernel

Issue #1:

Impact: An application may be able to execute arbitrary code with kernel privileges

Description: A memory corruption issue was addressed with improved memory handling.

CVE-2021-30909: Zweig of Kunlun Lab

Issue #2:

Impact: A malicious application may be able to execute arbitrary code with kernel privileges

Description: A memory corruption issue was addressed with improved memory handling.

CVE-2021-30916: Zweig of Kunlun Lab

Model I/O

Issue #1:

Impact: Processing a maliciously crafted file may disclose user information

Description: An out-of-bounds read was addressed with improved bounds checking.

CVE-2021-30910: Mickey Jin of Trend Micro

Issue #2:

Impact: Processing a maliciously crafted USD file may disclose memory contents

Description: An out-of-bounds read was addressed with improved bounds checking.

CVE-2021-30911: Rui Yang and Xingwei Lin of Ant Security Light-Year Lab

SMB

Impact: A malicious application may be able to execute arbitrary code with kernel privileges

Description: A race condition was addressed with improved locking.

CVE-2021-30868: Peter Nguyen Vu Hoang of STAR Labs

SoftwareUpdate

Issue #1:

Impact: An unprivileged application may be able to edit NVRAM variables

Description: The issue was addressed with improved permissions logic.

CVE-2021-30913: Kirin and chenyuwang of Tencent Security Xuanwu Lab

Issue #2:

Impact: A malicious application may gain access to a user’s Keychain items

Description: The issue was addressed with improved permissions logic.

CVE-2021-30912: Kirin and chenyuwang of Tencent Security Xuanwu Lab

UIKit

Impact: A person with physical access to an iOS device may be able to determine characteristics of a user’s password in a secure text entry field

Description: A logic issue was addressed with improved state management.

CVE-2021-30915: Kostas Angelopoulos

Windows Server

Impact: A local attacker may be able to view the previous logged-in user’s desktop from the fast user switching screen

Description: An authentication issue was addressed with improved state management.

CVE-2021-30908: ASentientBot

zsh

Impact: A malicious application may be able to modify protected parts of the file system

Description: An inherited permissions issue was addressed with additional restrictions.

CVE-2021-30892: Jonathan Bar Or of Microsoft

Subscribe
Notify of

This site uses Akismet to reduce spam. Learn how your comment data is processed.

0 Comments
Inline Feedbacks
View all comments