← Back

CVE-2021-30844

nvd nist
Published: Oct 19, 2021Modified: Nov 21, 2024

JSON object

Loading...
7.5
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Exploitability: 3.9 / Impact: 3.6
Source: NVD

Description

A logic issue was addressed with improved state management. This issue is fixed in Security Update 2021-005 Catalina, macOS Big Sur 11.6. A remote attacker may be able to leak memory.

Affected (12)

Products: Apple: Mac Os X, Macos
Apple
2 products
Mac Os X
Macos
Configuration A
12 vulnerable
Vulnerable SoftwareAffected Versions
Apple
Mac Os X
From 10.15 to 10.15.6
Mac Os X
Version 10.15.7
Mac Os X
Version 10.15.7 security_update_2020-001
Mac Os X
Version 10.15.7 security_update_2020-005
Mac Os X
Version 10.15.7 security_update_2020-007
Mac Os X
Version 10.15.7 security_update_2020
Mac Os X
Version 10.15.7 security_update_2021-001
Mac Os X
Version 10.15.7 security_update_2021-002
Mac Os X
Version 10.15.7 security_update_2021-003
Mac Os X
Version 10.15.7 security_update_2021-006
Mac Os X
Version 10.15.7 supplemental_update
Macos
Before 11.6.1

Related CWEs

CWE-401
Missing Release of Memory after Effective Lifetime
The product does not sufficiently track and release allocated memory after it has been used, which slowly consumes remaining memory.

References (8)

Source: product-security@apple.com
Release NotesVendor Advisory
Source: product-security@apple.com
Release NotesVendor Advisory
Source: product-security@apple.com
Vendor Advisory
Source: product-security@apple.com
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Release NotesVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Release NotesVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.