What is CVE-2021-30865?

CVE-2021-30865 is a vulnerability in the Kernel that allows an out-of-bounds read due to improved input validation.

What software is affected by CVE-2021-30865?

The affected software includes macOS Big Sur versions up to and exclusive of 11.6, and Apple Catalina.

How severe is CVE-2021-30865?

The severity of CVE-2021-30865 is not specified.

How can I fix CVE-2021-30865?

To fix CVE-2021-30865, update to the latest version of macOS Big Sur or Apple Catalina as soon as it becomes available.

Where can I find more information about CVE-2021-30865?

You can find more information about CVE-2021-30865 on the Apple support page: [https://support.apple.com/en-us/HT212804](https://support.apple.com/en-us/HT212804) and [https://support.apple.com/en-us/HT212805](https://support.apple.com/en-us/HT212805).

Vulnerability/
CVE-2021-30865

critical

9.3

CWE

20 125

24/8/2021

3/8/2024

CVE-2021-30865: Input Validation

First published: Tue Aug 24 2021(Updated: )

An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.6, Security Update 2021-005 Catalina. A malicious application may be able to execute arbitrary code with kernel privileges.

Credit: Zweig Kunlun Lab cve@mitre.org Zweig Kunlun Lab

Affected Software	Affected Version	How to fix
Apple Catalina
Apple macOS Big Sur	<11.6	11.6
Apple Mac OS X	<10.15.7
Apple Mac OS X	=10.15.7
Apple Mac OS X	=10.15.7-security_update_2020-001
Apple Mac OS X	=10.15.7-security_update_2021-001
Apple Mac OS X	=10.15.7-security_update_2021-002
Apple Mac OS X	=10.15.7-security_update_2021-003
Apple Mac OS X	=10.15.7-security_update_2021-004
Apple Mac OS X	=10.15.7-supplemental_update
Apple macOS	>=11.0<11.6

Never miss a vulnerability like this again

Reference Links

https://support.apple.com/en-us/HT212805 (Advisory)
https://support.apple.com/en-us/HT212804 (Advisory)

Parent vulnerabilities

(Appears in the following advisories)

Frequently Asked Questions

What is CVE-2021-30865?
CVE-2021-30865 is a vulnerability in the Kernel that allows an out-of-bounds read due to improved input validation.
What software is affected by CVE-2021-30865?
The affected software includes macOS Big Sur versions up to and exclusive of 11.6, and Apple Catalina.
How severe is CVE-2021-30865?
The severity of CVE-2021-30865 is not specified.
How can I fix CVE-2021-30865?
To fix CVE-2021-30865, update to the latest version of macOS Big Sur or Apple Catalina as soon as it becomes available.
Where can I find more information about CVE-2021-30865?
You can find more information about CVE-2021-30865 on the Apple support page: [https://support.apple.com/en-us/HT212804](https://support.apple.com/en-us/HT212804) and [https://support.apple.com/en-us/HT212805](https://support.apple.com/en-us/HT212805).

collector/apple-support
collector/nvd-index
agent/type
agent/softwarecombine
agent/software-canonical-lookup-request
collector/mitre-cve
source/MITRE
agent/references
agent/author
agent/severity
agent/last-modified-date
agent/weakness
agent/tags
agent/first-publish-date
agent/event
agent/description
agent/trending
vendor/apple
canonical/apple catalina
canonical/apple mac os x
version/apple mac os x/10.15.7
version/apple mac os x/10.15.7-security_update_2020-001
version/apple mac os x/10.15.7-security_update_2021-001
version/apple mac os x/10.15.7-security_update_2021-002
version/apple mac os x/10.15.7-security_update_2021-003
version/apple mac os x/10.15.7-security_update_2021-004
version/apple mac os x/10.15.7-supplemental_update
canonical/apple macos
version/apple macos/11.0
canonical/apple macos big sur