First published: Mon May 24 2021
PackageKit. An issue with path validation logic for hardlinks was addressed with improved path sanitization.
Credit: Qingyang Chen, Topsec Alpha Team; Csaba Fitzl (@theevilbit), Offensive Security; product-security@apple.com
Affected Software | Affected Version | How to fix |
---|---|---|
Apple macOS Big Sur | <11.4 | 11.4 |
Apple Mojave | | |
Apple Mac OS X | >=10.14.0 <=10.14.5 | |
Apple Mac OS X | =10.14.6 | |
Apple Mac OS X | =10.14.6-security_update_2019-001 | |
Apple Mac OS X | =10.14.6-security_update_2019-002 | |
Apple Mac OS X | =10.14.6-security_update_2019-004 | |
Apple Mac OS X | =10.14.6-security_update_2019-005 | |
Apple Mac OS X | =10.14.6-security_update_2019-006 | |
Apple Mac OS X | =10.14.6-security_update_2019-007 | |
Apple Mac OS X | =10.14.6-security_update_2020-001 | |
Apple Mac OS X | =10.14.6-security_update_2020-002 | |
Apple Mac OS X | =10.14.6-security_update_2020-003 | |
Apple Mac OS X | =10.14.6-security_update_2020-004 | |
Apple Mac OS X | =10.14.6-security_update_2020-005 | |
Apple Mac OS X | =10.14.6-security_update_2020-006 | |
Apple Mac OS X | =10.14.6-security_update_2020-007 | |
Apple Mac OS X | =10.14.6-security_update_2021-001 | |
Apple Mac OS X | =10.14.6-security_update_2021-002 | |
Apple Mac OS X | =10.14.6-security_update_2021-003 | |
Apple Mac OS X | =10.14.6-supplemental_update | |
Apple Mac OS X | =10.14.6-supplemental_update_2 | |
Apple macOS | >=11.0.1 <11.4 | |
CVE-2021-30738 is a vulnerability in PackageKit that allows a malicious application to overwrite arbitrary files.
CVE-2021-30738 affects macOS Big Sur versions before 11.4, where it allows a malicious application to overwrite arbitrary files.
Apple Mojave is also affected by CVE-2021-30738.
To mitigate the vulnerability on macOS Big Sur, update to version 11.4 or later and apply any available security patches.
More information about CVE-2021-30738 can be found on the Apple support website: [https://support.apple.com/en-us/HT212529](https://support.apple.com/en-us/HT212529)