CVE-2021-30963: Buffer Overflow
First published: Tue Aug 24 2021(Updated: )
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in Security Update 2021-008 Catalina, macOS Big Sur 11.6.2. Parsing a maliciously crafted audio file may lead to disclosure of user information.
Credit: JunDong Xie Ant Security Light cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Apple macOS | <11.6.2 | 11.6.2 |
| macOS Catalina | ||
| Apple iOS and macOS | >=10.15<=10.15.7 | |
| Apple iOS and macOS | =10.15.7-security_update_2020-001 | |
| Apple iOS and macOS | =10.15.7-security_update_2021-001 | |
| Apple iOS and macOS | =10.15.7-security_update_2021-002 | |
| Apple iOS and macOS | =10.15.7-security_update_2021-003 | |
| Apple iOS and macOS | =10.15.7-security_update_2021-004 | |
| Apple iOS and macOS | =10.15.7-security_update_2021-005 | |
| Apple iOS and macOS | =10.15.7-security_update_2021-006 | |
| Apple iOS and macOS | =10.15.7-security_update_2021-007 | |
| Apple iOS and macOS | >=11.0<11.6.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://support.apple.com/en-us/HT212979 (Advisory)
- https://support.apple.com/en-us/HT212981 (Advisory)
Peer vulnerabilities
(Found alongside the following vulnerabilities)
- CVE-2021-30950
- CVE-2021-30931
- CVE-2021-30935
- CVE-2021-30942
- CVE-2021-30957
- CVE-2021-30962
- CVE-2021-30959
- CVE-2021-30961
- CVE-2021-30963
- CVE-2021-30958
- CVE-2021-30945
- CVE-2021-31007
- CVE-2021-31013
- CVE-2021-30895
- CVE-2021-30977
- CVE-2021-30969
- CVE-2021-30939
- CVE-2021-30981
- CVE-2021-30982
- CVE-2021-30927
- CVE-2021-30980
- CVE-2021-30937
- CVE-2021-30949
- CVE-2021-30990
- CVE-2021-30976
- CVE-2021-30929
- CVE-2021-30979
- CVE-2021-30940
- CVE-2021-30941
- CVE-2021-30973
- CVE-2021-30971
- CVE-2021-30995
- CVE-2021-30968
- CVE-2021-30947
- CVE-2021-30946
- CVE-2021-30975
- CVE-2021-31002
- CVE-2021-30767
- CVE-2021-30970
- CVE-2021-30965
- CVE-2021-30938
Frequently Asked Questions
What is CVE-2021-30963?
CVE-2021-30963 is a vulnerability in CoreAudio that allows for a buffer overflow issue due to inadequate memory handling.
What software is affected by CVE-2021-30963?
CVE-2021-30963 affects macOS Big Sur version up to and exclusive of 11.6.2, as well as Apple Catalina.
How can I fix CVE-2021-30963?
To fix CVE-2021-30963, update macOS Big Sur to version 11.6.2 or later, and apply any recommended security patches for Apple Catalina.
What is the severity of CVE-2021-30963?
The severity of CVE-2021-30963 is not specified.
Where can I find more information about CVE-2021-30963?
You can find more information about CVE-2021-30963 in the references provided by Apple: https://support.apple.com/en-us/HT212979 and https://support.apple.com/en-us/HT212981.
- agent/type
- agent/references
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/last-modified-date
- agent/severity
- agent/weakness
- agent/description
- agent/first-publish-date
- agent/event
- agent/trending
- agent/source
- collector/apple-support
- alias/CVE-2021-30961
- alias/CVE-2021-30963
- agent/software-canonical-lookup-request
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- vendor/apple
- canonical/apple macos
- canonical/macos catalina
- canonical/apple ios and macos
- version/apple ios and macos/10.15
- version/apple ios and macos/10.15.7
- version/apple ios and macos/10.15.7-security_update_2020-001
- version/apple ios and macos/10.15.7-security_update_2021-001
- version/apple ios and macos/10.15.7-security_update_2021-002
- version/apple ios and macos/10.15.7-security_update_2021-003
- version/apple ios and macos/10.15.7-security_update_2021-004
- version/apple ios and macos/10.15.7-security_update_2021-005
- version/apple ios and macos/10.15.7-security_update_2021-006
- version/apple ios and macos/10.15.7-security_update_2021-007
- version/apple ios and macos/11.0