CVE-2021-30857: Race Condition
First published: Tue Aug 24 2021(Updated: )
A race condition was addressed with improved locking. This issue is fixed in Security Update 2021-005 Catalina, iOS 14.8 and iPadOS 14.8, tvOS 15, iOS 15 and iPadOS 15, watchOS 8, macOS Big Sur 11.6. A malicious application may be able to execute arbitrary code with kernel privileges.
Credit: Zweig Kunlun LabManish Bhatt @Meta Red Team XZweig Kunlun LabManish Bhatt @Meta Red Team XZweig Kunlun LabManish Bhatt @Meta Red Team XZweig Kunlun LabManish Bhatt @Meta Red Team XZweig Kunlun LabManish Bhatt @Meta Red Team XZweig Kunlun Lab cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Apple iPadOS | <15.0 | |
| Apple iPhone OS | <15.0 | |
| Apple Mac OS X | <10.15.7 | |
| Apple Mac OS X | =10.15.7 | |
| Apple Mac OS X | =10.15.7-security_update_2020-001 | |
| Apple Mac OS X | =10.15.7-security_update_2021-001 | |
| Apple Mac OS X | =10.15.7-security_update_2021-002 | |
| Apple Mac OS X | =10.15.7-security_update_2021-003 | |
| Apple Mac OS X | =10.15.7-security_update_2021-004 | |
| Apple Mac OS X | =10.15.7-supplemental_update | |
| Apple macOS | >=11.0<11.6 | |
| Apple tvOS | <15.0 | |
| Apple watchOS | <8.0 | |
| Apple Catalina | ||
| Apple macOS Big Sur | <11.6 | 11.6 |
| Apple watchOS | <8 | 8 |
| Apple tvOS | <15 | 15 |
| Apple iOS | <14.8 | 14.8 |
| Apple iPadOS | <14.8 | 14.8 |
| Apple iOS | <15 | 15 |
| Apple iPadOS | <15 | 15 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://support.apple.com/en-us/HT212804 (Advisory)
- https://support.apple.com/en-us/HT212805 (Advisory)
- https://support.apple.com/en-us/HT212807 (Advisory)
- https://support.apple.com/en-us/HT212814 (Advisory)
- https://support.apple.com/en-us/HT212815 (Advisory)
- https://support.apple.com/en-us/HT212819 (Advisory)
Parent vulnerabilities
(Appears in the following advisories)
Peer vulnerabilities
(Found alongside the following vulnerabilities)
- CVE-2021-30811
- CVE-2021-30838
- CVE-2021-30834
- CVE-2021-30928
- CVE-2021-30860
- CVE-2021-31010
- CVE-2021-30827
- CVE-2021-30828
- CVE-2021-30829
- CVE-2021-22925
- CVE-2021-30832
- CVE-2021-30841
- CVE-2021-30842
- CVE-2021-30843
- CVE-2021-30853
- CVE-2021-30933
- CVE-2021-30835
- CVE-2021-30847
- CVE-2021-30830
- CVE-2021-30865
- CVE-2021-30857
- CVE-2021-30859
- CVE-2021-30864
- CVE-2013-0340
- CVE-2021-30813
- CVE-2021-30819
- CVE-2021-30855
- CVE-2021-30925
- CVE-2021-30850
- CVE-2021-30845
- CVE-2021-30844
- CVE-2021-30858
- CVE-2021-30783
- CVE-2020-29622
- CVE-2021-30713
- CVE-2021-30820
- CVE-2021-30905
- CVE-2021-30852
- CVE-2021-30826
- CVE-2021-30818
- CVE-2021-30823
- CVE-2021-30836
- CVE-2021-30848
- CVE-2021-30849
- CVE-2021-30846
- CVE-2021-30837
- CVE-2021-30866
- CVE-2021-30825
- CVE-2021-30863
- CVE-2021-30816
- CVE-2021-30882
- CVE-2021-30831
- CVE-2021-30840
- CVE-2021-30867
- CVE-2021-30814
- CVE-2021-30874
- CVE-2021-30854
- CVE-2021-30898
- CVE-2021-30870
- CVE-2021-30808
- CVE-2021-30815
- CVE-2021-31001
- CVE-2021-31005
- CVE-2021-31008
- CVE-2021-30897
- CVE-2021-30884
- CVE-2021-30809
- CVE-2021-30851
- CVE-2021-30930
- CVE-2021-30810
Frequently Asked Questions
What is vulnerability CVE-2021-30857?
Vulnerability CVE-2021-30857 is a race condition in the kernel that has been addressed with improved locking.
Which software versions are affected by CVE-2021-30857?
CVE-2021-30857 affects Apple watchOS up to version 8, macOS Big Sur up to version 11.6, iOS up to version 15, iPadOS up to version 15, iOS up to version 14.8, iPadOS up to version 14.8, Apple Catalina, and Apple tvOS up to version 15.
How severe is vulnerability CVE-2021-30857?
The severity of vulnerability CVE-2021-30857 is not specified in the provided information.
How can I fix vulnerability CVE-2021-30857?
To fix vulnerability CVE-2021-30857, users should update their affected software to the latest available version provided by Apple.
Where can I find more information about vulnerability CVE-2021-30857?
More information about vulnerability CVE-2021-30857 can be found on the Apple security advisory page: [Apple support page](https://support.apple.com/en-us/HT212814).
- agent/author
- agent/description
- agent/event
- agent/first-publish-date
- agent/last-modified-date
- agent/references
- agent/severity
- agent/softwarecombine
- agent/tags
- agent/type
- agent/weakness
- collector/apple-support
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/apple
- canonical/apple macos big sur
- canonical/apple catalina
- canonical/apple ios
- canonical/apple ipados
- canonical/apple tvos
- canonical/apple watchos
- canonical/apple iphone os
- canonical/apple mac os x
- version/apple mac os x/10.15.7
- version/apple mac os x/10.15.7-security_update_2020-001
- version/apple mac os x/10.15.7-security_update_2021-001
- version/apple mac os x/10.15.7-security_update_2021-002
- version/apple mac os x/10.15.7-security_update_2021-003
- version/apple mac os x/10.15.7-security_update_2021-004
- version/apple mac os x/10.15.7-supplemental_update
- canonical/apple macos
- version/apple macos/11.0