CVE-2021-1840
First published: Mon Apr 26 2021(Updated: )
A memory corruption issue was addressed with improved validation. This issue is fixed in macOS Big Sur 11.3, Security Update 2021-002 Catalina, Security Update 2021-003 Mojave. A local attacker may be able to elevate their privileges.
Credit: Zuozhi Fan @pattern_F_ Ant Group Tianqiong Security LabZuozhi Fan @pattern_F_ Ant Group Tianqiong Security Lab product-security@apple.com Zuozhi Fan @pattern_F_ Ant Group Tianqiong Security Lab
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Apple macOS | <11.3 | 11.3 |
| macOS Catalina | ||
| macOS Mojave | ||
| Apple iOS and macOS | =10.14 | |
| Apple iOS and macOS | =10.14.0 | |
| Apple iOS and macOS | =10.14.1 | |
| Apple iOS and macOS | =10.14.2 | |
| Apple iOS and macOS | =10.14.3 | |
| Apple iOS and macOS | =10.14.4 | |
| Apple iOS and macOS | =10.14.4-beta4 | |
| Apple iOS and macOS | =10.14.5 | |
| Apple iOS and macOS | =10.14.6 | |
| Apple iOS and macOS | =10.14.6 | |
| Apple iOS and macOS | =10.14.6-security_update_2019-001 | |
| Apple iOS and macOS | =10.14.6-security_update_2019-002 | |
| Apple iOS and macOS | =10.14.6-security_update_2019-004 | |
| Apple iOS and macOS | =10.14.6-security_update_2019-005 | |
| Apple iOS and macOS | =10.14.6-security_update_2019-006 | |
| Apple iOS and macOS | =10.14.6-security_update_2019-007 | |
| Apple iOS and macOS | =10.14.6-security_update_2020-001 | |
| Apple iOS and macOS | =10.14.6-security_update_2020-002 | |
| Apple iOS and macOS | =10.14.6-security_update_2020-003 | |
| Apple iOS and macOS | =10.14.6-security_update_2020-004 | |
| Apple iOS and macOS | =10.14.6-security_update_2020-005 | |
| Apple iOS and macOS | =10.14.6-security_update_2020-006 | |
| Apple iOS and macOS | =10.14.6-security_update_2020-007 | |
| Apple iOS and macOS | =10.14.6-security_update_2021-001 | |
| Apple iOS and macOS | =10.14.6-security_update_2021-002 | |
| Apple iOS and macOS | =10.15 | |
| Apple iOS and macOS | =10.15.1 | |
| Apple iOS and macOS | =10.15.2 | |
| Apple iOS and macOS | =10.15.3 | |
| Apple iOS and macOS | =10.15.4 | |
| Apple iOS and macOS | =10.15.5 | |
| Apple iOS and macOS | =10.15.6 | |
| Apple iOS and macOS | =10.15.6 | |
| Apple iOS and macOS | =10.15.6-supplemental_update | |
| Apple iOS and macOS | =10.15.7 | |
| Apple iOS and macOS | =10.15.7 | |
| Apple iOS and macOS | =10.15.7-security_update_2020 | |
| Apple iOS and macOS | =10.15.7-security_update_2020-001 | |
| Apple iOS and macOS | =10.15.7-security_update_2020-005 | |
| Apple iOS and macOS | =10.15.7-security_update_2020-007 | |
| Apple iOS and macOS | =10.15.7-security_update_2021-001 | |
| macOS | >=11.0<11.3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://support.apple.com/en-us/HT212327 (Advisory)
- https://support.apple.com/en-us/HT212326 (Advisory)
- https://support.apple.com/en-us/HT212325 (Advisory)
Peer vulnerabilities
(Found alongside the following vulnerabilities)
- CVE-2021-1853
- CVE-2021-1849
- CVE-2021-1867
- CVE-2021-1810
- CVE-2021-1808
- CVE-2021-1857
- CVE-2021-30752
- CVE-2021-30664
- CVE-2021-1846
- CVE-2021-1809
- CVE-2021-30659
- CVE-2021-1847
- CVE-2021-1811
- CVE-2020-8284
- CVE-2020-8286
- CVE-2020-8285
- CVE-2021-1784
- CVE-2021-1872
- CVE-2021-1881
- CVE-2021-1882
- CVE-2021-1813
- CVE-2021-1883
- CVE-2021-1884
- CVE-2021-1880
- CVE-2021-30653
- CVE-2021-1814
- CVE-2021-1843
- CVE-2021-1885
- CVE-2021-1858
- CVE-2021-30743
- CVE-2021-30658
- CVE-2021-1841
- CVE-2021-1834
- CVE-2021-1860
- CVE-2021-1840
- CVE-2021-1851
- CVE-2021-1832
- CVE-2021-30660
- CVE-2021-30652
- CVE-2021-1875
- CVE-2021-1824
- CVE-2021-1859
- CVE-2021-1876
- CVE-2021-1815
- CVE-2021-1739
- CVE-2021-1740
- CVE-2021-1861
- CVE-2021-1855
- CVE-2021-1868
- CVE-2021-30750
- CVE-2021-1878
- CVE-2021-30657
- CVE-2021-30856
- CVE-2020-8037
- CVE-2021-1839
- CVE-2021-1825
- CVE-2021-1817
- CVE-2021-1826
- CVE-2021-1820
- CVE-2021-30661
- CVE-2020-7463
- CVE-2021-1828
- CVE-2021-1829
- CVE-2021-30655
- CVE-2021-1770
- CVE-2021-1873
- CVE-2021-1797
- CVE-2020-27942
- CVE-2020-3838
- CVE-2021-1805
- CVE-2021-1806
Frequently Asked Questions
What is CVE-2021-1840?
CVE-2021-1840 is a vulnerability in the kernel that allows memory corruption.
How can the CVE-2021-1840 vulnerability be exploited?
The CVE-2021-1840 vulnerability can be exploited by an attacker to corrupt memory in the kernel.
What products are affected by CVE-2021-1840?
CVE-2021-1840 affects Apple's Catalina, Mojave, and macOS Big Sur up to version 11.3.
What is the severity of CVE-2021-1840?
The severity of CVE-2021-1840 is not specified.
How can I fix the CVE-2021-1840 vulnerability?
To fix the CVE-2021-1840 vulnerability, users should update their Apple operating systems to the latest version available.
- agent/type
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/last-modified-date
- agent/author
- agent/references
- agent/weakness
- agent/description
- agent/event
- agent/trending
- agent/source
- collector/apple-support
- agent/software-canonical-lookup-request
- agent/tags
- agent/softwarecombine
- collector/nvd-index
- vendor/apple
- canonical/apple macos
- canonical/macos catalina
- canonical/macos mojave
- canonical/apple ios and macos
- version/apple ios and macos/10.14
- version/apple ios and macos/10.14.0
- version/apple ios and macos/10.14.1
- version/apple ios and macos/10.14.2
- version/apple ios and macos/10.14.3
- version/apple ios and macos/10.14.4
- version/apple ios and macos/10.14.4-beta4
- version/apple ios and macos/10.14.5
- version/apple ios and macos/10.14.6
- version/apple ios and macos/10.14.6-security_update_2019-001
- version/apple ios and macos/10.14.6-security_update_2019-002
- version/apple ios and macos/10.14.6-security_update_2019-004
- version/apple ios and macos/10.14.6-security_update_2019-005
- version/apple ios and macos/10.14.6-security_update_2019-006
- version/apple ios and macos/10.14.6-security_update_2019-007
- version/apple ios and macos/10.14.6-security_update_2020-001
- version/apple ios and macos/10.14.6-security_update_2020-002
- version/apple ios and macos/10.14.6-security_update_2020-003
- version/apple ios and macos/10.14.6-security_update_2020-004
- version/apple ios and macos/10.14.6-security_update_2020-005
- version/apple ios and macos/10.14.6-security_update_2020-006
- version/apple ios and macos/10.14.6-security_update_2020-007
- version/apple ios and macos/10.14.6-security_update_2021-001
- version/apple ios and macos/10.14.6-security_update_2021-002
- version/apple ios and macos/10.15
- version/apple ios and macos/10.15.1
- version/apple ios and macos/10.15.2
- version/apple ios and macos/10.15.3
- version/apple ios and macos/10.15.4
- version/apple ios and macos/10.15.5
- version/apple ios and macos/10.15.6
- version/apple ios and macos/10.15.6-supplemental_update
- version/apple ios and macos/10.15.7
- version/apple ios and macos/10.15.7-security_update_2020
- version/apple ios and macos/10.15.7-security_update_2020-001
- version/apple ios and macos/10.15.7-security_update_2020-005
- version/apple ios and macos/10.15.7-security_update_2020-007
- version/apple ios and macos/10.15.7-security_update_2021-001
- canonical/macos
- version/macos/11.0