Apple has issued security updates for multiple version of macOS on Wednesday. Among other flaws, it fixes the sudo flaw known as Baron Samedit. The update is for macOS Big Sur 11.2.1, macOS Catalina 10.15.7 Supplemental Update, and macOS Mojave 10.14.6 Security Update 2021-002.
Mac Security Update
Three flaws have been fixed:
Intel Graphics Driver
- Available for: macOS Big Sur 11.2, macOS Catalina 10.15.7
- Impact: An application may be able to execute arbitrary code with kernel privileges
- Description: An out-of-bounds write was addressed with improved input validation.
- CVE-2021-1805: ABC Research s.r.o. working with Trend Micro Zero Day Initiative
Intel Graphics Driver
- Available for: macOS Big Sur 11.2, macOS Catalina 10.15.7
- Impact: An application may be able to execute arbitrary code with kernel privileges
- Description: A race condition was addressed with additional validation.
- CVE-2021-1806: ABC Research s.r.o. working with Trend Micro Zero Day Initiative
Sudo
- Available for: macOS Big Sur 11.2, macOS Catalina 10.15.7, macOS Mojave 10.14.6
- Impact: A local attacker may be able to elevate their privileges
- Description: This issue was addressed by updating to sudo version 1.9.5p2.
- CVE-2021-3156: Qualys
After installing this update, the build number for macOS Catalina 10.15.7 is 19H524.