CVE-2021-30790: Input Validation
Published Jul 21, 2021
·Updated
AMD Kernel. A memory corruption issue was addressed with improved input validation.
Credit
hjy79425575(Trend Micro Zero Day Initiative), Denis Tokarev@@illusionofcha0s, Csaba Fitzl@@theevilbit(Offensive Security), tr3e, George Nosenko, JunDong Xie(Ant Security Light), ryuzaki, Zhongcheng Li (CK01), Ron Waisberg@@epsilan, Tim Michaud@@TimGMichaud(Zoom Video Communications), Gary Nield(ECSC Group plc), Mickey Jin@@patch1t(Trend Micro), Sunglin(Knownsec 404 team), Yizhuo Wang(Group of Software Security In Progress), Linus Henze (pinauten.de), Wojciech Reguła@@_r3ggi(SecuRing), tr3e(Trend Micro Zero Day Initiative), Matt Shockley (twitter.com/mattshockl)(Offensive Security), Jzhu(Baidu Security), Ye Zhang@@co0py_Cat(Baidu Security), CFF(Topsec Alpha Team), Anonymous(Trend Micro Zero Day Initiative), Liu Long(Ant Security Light), Yinyi Wu@@3ndy1(Qihoo 360 Vulcan Team), Zuozhi Fan@@pattern_F_(Ant Security TianQiong Lab), CVE-2021-3518, Georgi Valkov (httpstorm.com), Mickey Jin@@patch1t(Trend Micro working with Trend Micro Zero Day Initiative), Christoph Guttandin(Media Codings), Sergei Glazunov(Google Project Zero), Ivan Fratric(Google Project Zero), ABC Research s.r.o
Affected Software
35 affected componentsFixes available
Apple macOS Big Sur<11.5
11.5
Apple Catalina
Apple Mojave
Apple iOS and macOS>=10.14<=10.14.5
Apple iOS and macOS>=10.15<=10.15.6
Apple iOS and macOS=10.14.6
Apple iOS and macOS=10.14.6-security_update_2019-001
Apple iOS and macOS=10.14.6-security_update_2019-002
Apple iOS and macOS=10.14.6-security_update_2019-004
Apple iOS and macOS=10.14.6-security_update_2019-005
Apple iOS and macOS=10.14.6-security_update_2019-006
Apple iOS and macOS=10.14.6-security_update_2019-007
Apple iOS and macOS=10.14.6-security_update_2020-001
Apple iOS and macOS=10.14.6-security_update_2020-002
Apple iOS and macOS=10.14.6-security_update_2020-003
Apple iOS and macOS=10.14.6-security_update_2020-004
Apple iOS and macOS=10.14.6-security_update_2020-005
Apple iOS and macOS=10.14.6-security_update_2020-006
Apple iOS and macOS=10.14.6-security_update_2020-007
Apple iOS and macOS=10.14.6-security_update_2021-001
Apple iOS and macOS=10.14.6-security_update_2021-002
Apple iOS and macOS=10.14.6-security_update_2021-003
Apple iOS and macOS=10.14.6-security_update_2021-004
Apple iOS and macOS=10.14.6-supplemental_update
Apple iOS and macOS=10.14.6-supplemental_update_2
Apple iOS and macOS=10.15.7
Apple iOS and macOS=10.15.7-security_update_2020
Apple iOS and macOS=10.15.7-security_update_2020-001
Apple iOS and macOS=10.15.7-security_update_2020-005
Apple iOS and macOS=10.15.7-security_update_2020-007
Apple iOS and macOS=10.15.7-security_update_2021-001
Apple iOS and macOS=10.15.7-security_update_2021-002
Apple iOS and macOS=10.15.7-security_update_2021-003
Apple iOS and macOS=10.15.7-supplemental_update
Apple macOS>=11.0<11.5
Event History
Jul 21, 2021
Data Sourced
via Apple·12:00 AM
DescriptionWeaknessAffected Software
Updated
via Apple·12:00 AM
DescriptionWeakness
Sep 8, 2021
CVE Published
via MITRE·01:49 PM
Data Sourced
via MITRE·01:49 PM
DescriptionWeakness
Frequently Asked Questions
1
What is CVE-2021-30790?
CVE-2021-30790 is an information disclosure vulnerability in AppKit, which has been addressed by removing the vulnerable code.
2
What software are affected by CVE-2021-30790?
The affected software includes Apple Mojave, Apple Catalina, and Apple macOS Big Sur version 11.5.
3
How can I fix CVE-2021-30790?
To fix CVE-2021-30790, you should ensure that you have installed the latest updates from Apple.
4
Where can I find more information about CVE-2021-30790?
You can find more information about CVE-2021-30790 on the Apple support page: [link](https://support.apple.com/en-us/HT212600).