First published: Mon May 24 2021(Updated: )
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.4, Security Update 2021-003 Catalina, Security Update 2021-004 Mojave, iOS 14.6 and iPadOS 14.6. Processing a maliciously crafted USD file may disclose memory contents.
Credit: Mickey Jin & Junzhi Lu (@pwn0rz) @patch1t Trend MicroMickey Jin & Junzhi Lu (@pwn0rz) @patch1t Trend MicroMickey Jin & Junzhi Lu (@pwn0rz) @patch1t Trend MicroMickey Jin & Junzhi Lu (@pwn0rz) @patch1t Trend Micro product-security@apple.com
Affected Software | Affected Version | How to fix |
---|---|---|
Apple Catalina | ||
Apple macOS Big Sur | <11.4 | 11.4 |
Apple Mojave | ||
Apple iOS | <14.6 | 14.6 |
Apple iPadOS | <14.6 | 14.6 |
Apple iPadOS | <14.6 | |
Apple iPhone OS | <14.6 | |
Apple Mac OS X | >=10.14<=10.14.5 | |
Apple Mac OS X | >=10.15<=10.15.6 | |
Apple Mac OS X | =10.14.6 | |
Apple Mac OS X | =10.14.6-security_update_2019-001 | |
Apple Mac OS X | =10.14.6-security_update_2019-002 | |
Apple Mac OS X | =10.14.6-security_update_2019-004 | |
Apple Mac OS X | =10.14.6-security_update_2019-005 | |
Apple Mac OS X | =10.14.6-security_update_2019-006 | |
Apple Mac OS X | =10.14.6-security_update_2019-007 | |
Apple Mac OS X | =10.14.6-security_update_2020-001 | |
Apple Mac OS X | =10.14.6-security_update_2020-002 | |
Apple Mac OS X | =10.14.6-security_update_2020-003 | |
Apple Mac OS X | =10.14.6-security_update_2020-004 | |
Apple Mac OS X | =10.14.6-security_update_2020-005 | |
Apple Mac OS X | =10.14.6-security_update_2020-006 | |
Apple Mac OS X | =10.14.6-security_update_2020-007 | |
Apple Mac OS X | =10.14.6-security_update_2021-001 | |
Apple Mac OS X | =10.14.6-security_update_2021-002 | |
Apple Mac OS X | =10.14.6-security_update_2021-003 | |
Apple Mac OS X | =10.14.6-supplemental_update | |
Apple Mac OS X | =10.14.6-supplemental_update_2 | |
Apple Mac OS X | =10.15.7 | |
Apple Mac OS X | =10.15.7-security_update_2020 | |
Apple Mac OS X | =10.15.7-security_update_2020-001 | |
Apple Mac OS X | =10.15.7-security_update_2020-005 | |
Apple Mac OS X | =10.15.7-security_update_2020-007 | |
Apple Mac OS X | =10.15.7-security_update_2021-001 | |
Apple Mac OS X | =10.15.7-security_update_2021-002 | |
Apple Mac OS X | =10.15.7-supplemental_update | |
Apple macOS | >=11.0<11.4 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Found alongside the following vulnerabilities)
CVE-2021-30695 is a vulnerability in Model I/O that allows an out-of-bounds read.
CVE-2021-30695 affects macOS Big Sur version 11.4 and earlier.
Yes, Apple Mojave is affected by CVE-2021-30695.
To fix CVE-2021-30695 on iOS and iPadOS, update to version 14.6 or later.
You can find more information about CVE-2021-30695 on Apple's support website at the following links: [link1](https://support.apple.com/en-us/HT212530), [link2](https://support.apple.com/en-us/HT212529), [link3](https://support.apple.com/en-us/HT212531).