CVE-2021-30973: Input Validation
First published: Tue Aug 24 2021(Updated: )
An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Monterey 12.1, iOS 15.2 and iPadOS 15.2, macOS Big Sur 11.6.2, Security Update 2021-008 Catalina. Processing a maliciously crafted file may disclose user information.
Credit: Ye Zhang @co0py_Cat Baidu Security cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Apple macOS | <11.6.2 | 11.6.2 |
| macOS Catalina | ||
| macOS | <12.1 | 12.1 |
| Apple iOS and iPadOS | <15.2 | 15.2 |
| Apple iOS, iPadOS, and macOS | <15.2 | 15.2 |
| Apple iOS, iPadOS, and macOS | <15.2 | |
| iPhone OS | <15.2 | |
| Apple iOS and macOS | >=10.15<=10.15.7 | |
| Apple iOS and macOS | =10.15.7-security_update_2020-001 | |
| Apple iOS and macOS | =10.15.7-security_update_2021-001 | |
| Apple iOS and macOS | =10.15.7-security_update_2021-002 | |
| Apple iOS and macOS | =10.15.7-security_update_2021-003 | |
| Apple iOS and macOS | =10.15.7-security_update_2021-004 | |
| Apple iOS and macOS | =10.15.7-security_update_2021-005 | |
| Apple iOS and macOS | =10.15.7-security_update_2021-006 | |
| Apple iOS and macOS | =10.15.7-security_update_2021-007 | |
| macOS | >=11.0<11.6.2 | |
| macOS | >=12.0<12.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://support.apple.com/en-us/HT212976 (Advisory)
- https://support.apple.com/en-us/HT212978 (Advisory)
- https://support.apple.com/en-us/HT212979 (Advisory)
- https://support.apple.com/en-us/HT212981 (Advisory)
Peer vulnerabilities
(Found alongside the following vulnerabilities)
- CVE-2021-30950
- CVE-2021-30931
- CVE-2021-30935
- CVE-2021-30942
- CVE-2021-30957
- CVE-2021-30962
- CVE-2021-30959
- CVE-2021-30961
- CVE-2021-30963
- CVE-2021-30958
- CVE-2021-30945
- CVE-2021-31007
- CVE-2021-31013
- CVE-2021-30895
- CVE-2021-30977
- CVE-2021-30969
- CVE-2021-30939
- CVE-2021-30981
- CVE-2021-30982
- CVE-2021-30927
- CVE-2021-30980
- CVE-2021-30937
- CVE-2021-30949
- CVE-2021-30990
- CVE-2021-30976
- CVE-2021-30929
- CVE-2021-30979
- CVE-2021-30940
- CVE-2021-30941
- CVE-2021-30973
- CVE-2021-30971
- CVE-2021-30995
- CVE-2021-30968
- CVE-2021-30947
- CVE-2021-30946
- CVE-2021-30975
- CVE-2021-31002
- CVE-2021-30767
- CVE-2021-30970
- CVE-2021-30965
- CVE-2021-30938
- CVE-2021-30987
- CVE-2021-30960
- CVE-2021-30986
- CVE-2021-30966
- CVE-2021-30926
- CVE-2021-31000
- CVE-2021-30996
- CVE-2021-30993
- CVE-2021-30955
- CVE-2021-30943
- CVE-2021-31009
- CVE-2021-30944
- CVE-2021-30972
- CVE-2021-30964
- CVE-2021-30934
- CVE-2021-30936
- CVE-2021-30951
- CVE-2021-30952
- CVE-2021-30984
- CVE-2021-30953
- CVE-2021-30954
- CVE-2021-30956
- CVE-2021-30992
- CVE-2021-30983
- CVE-2021-30985
- CVE-2021-30991
- CVE-2021-30998
- CVE-2021-30997
- CVE-2021-30967
- CVE-2021-30988
- CVE-2021-30932
- CVE-2021-30948
Frequently Asked Questions
What is CVE-2021-30973?
CVE-2021-30973 is a vulnerability in Model I/O that allows for an out-of-bounds read due to insufficient input validation.
How does CVE-2021-30973 impact Apple Catalina?
CVE-2021-30973 impacts Apple Catalina as it is listed as one of the affected software versions.
How can CVE-2021-30973 be exploited?
CVE-2021-30973 can be exploited by an attacker who crafts a malicious input that triggers the out-of-bounds read vulnerability.
What is the severity of CVE-2021-30973?
The severity of CVE-2021-30973 is not mentioned in the provided information. Please refer to the vendor's advisory for more details.
How can I fix CVE-2021-30973?
To fix CVE-2021-30973, it is recommended to update to the latest version of the affected software as mentioned in the vendor's advisory.
- agent/type
- agent/references
- agent/weakness
- agent/severity
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/event
- agent/first-publish-date
- agent/trending
- agent/source
- collector/apple-support
- agent/software-canonical-lookup-request
- agent/author
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- vendor/apple
- canonical/apple macos
- canonical/macos catalina
- canonical/macos
- canonical/apple ios and ipados
- canonical/apple ios, ipados, and macos
- canonical/iphone os
- canonical/apple ios and macos
- version/apple ios and macos/10.15
- version/apple ios and macos/10.15.7
- version/apple ios and macos/10.15.7-security_update_2020-001
- version/apple ios and macos/10.15.7-security_update_2021-001
- version/apple ios and macos/10.15.7-security_update_2021-002
- version/apple ios and macos/10.15.7-security_update_2021-003
- version/apple ios and macos/10.15.7-security_update_2021-004
- version/apple ios and macos/10.15.7-security_update_2021-005
- version/apple ios and macos/10.15.7-security_update_2021-006
- version/apple ios and macos/10.15.7-security_update_2021-007
- version/macos/11.0
- version/macos/12.0