CVE-2021-30938

This issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.1, Security Update 2021-008 Catalina, macOS Big Sur 11.6.2. A local user may be able to cause unexpected system termination or read kernel memory.

CVSS v3 7.7 HIGH
CVSS v2.0 6.6 MEDIUM

7.7^/10

CVSS v3 : HIGH

Vector :

Exploitability : 2.5 / Impact : 5.2

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

6.6^/10

CVSS v2.0 : MEDIUM

Vector : AV:L/AC:L/Au:N/C:C/I:N/A:C

Exploitability : 3.9 / Impact : 9.2

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact NONE

Availability Impact COMPLETE

References

Link	Resource
https://support.apple.com/en-us/HT212978
https://support.apple.com/en-us/HT212979
https://support.apple.com/en-us/HT212981

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:apple:mac_os_x::::::::
	cpe:2.3:o:apple:mac_os_x:10.15.7:-::::::
	cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-001::::::
	cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-005::::::
	cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-007::::::
	cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-001::::::
	cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-002::::::
	cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-003::::::
	cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-004::::::
	cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-005::::::
	cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-006::::::
	cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-007::::::
	cpe:2.3:o:apple:macos::::::::
	cpe:2.3:o:apple:macos::::::::

History

No history.

Information

Published : 2021-08-24 19:15

Updated : 2023-11-07 03:33

NVD link : CVE-2021-30938

Mitre link : CVE-2021-30938

CVE.ORG link : CVE-2021-30938

JSON object : View

Products Affected

apple

mac_os_x
macos

CWE

NVD-CWE-noinfo

{"id": "CVE-2021-30938", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.6, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:C/I:N/A:C", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 9.2, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.7, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.2, "exploitabilityScore": 2.5}]}, "published": "2021-08-24T19:15:20.970", "references": [{"url": "https://support.apple.com/en-us/HT212978", "source": "product-security@apple.com"}, {"url": "https://support.apple.com/en-us/HT212979", "source": "product-security@apple.com"}, {"url": "https://support.apple.com/en-us/HT212981", "source": "product-security@apple.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "This issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.1, Security Update 2021-008 Catalina, macOS Big Sur 11.6.2. A local user may be able to cause unexpected system termination or read kernel memory."}, {"lang": "es", "value": "Se abord\u00f3 este problema con comprobaciones mejoradas. Este problema es corregido en macOS Monterey versi\u00f3n 12.1, Security Update 2021-008 Catalina, macOS Big Sur versi\u00f3n 11.6.2. Un usuario local puede conllevar a una terminaci\u00f3n no esperada del sistema o leer la memoria del kernel"}], "lastModified": "2023-11-07T03:33:57.240", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DB8A73F8-3074-4B32-B9F6-343B6B1988C5", "versionEndExcluding": "10.15.7", "versionStartIncluding": "10.15"}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.15.7:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A654B8A2-FC30-4171-B0BB-366CD7ED4B6A"}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-001:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F1F4BF7F-90D4-4668-B4E6-B06F4070F448"}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-005:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7FD7176C-F4D1-43A7-9E49-BA92CA0D9980"}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2020-007:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2703DE0B-8A9E-4A9D-9AE8-028E22BF47CA"}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-001:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0F441A43-1669-478D-9EC8-E96882DE4F9F"}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-002:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D425C653-37A2-448C-BF2F-B684ADB08A26"}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-003:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A54D63B7-B92B-47C3-B1C5-9892E5873A98"}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-004:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3456176F-9185-4EE2-A8CE-3D989D674AB7"}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-005:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D337EE21-2F00-484D-9285-F2B0248D7A19"}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-006:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "012052B5-9AA7-4FD3-9C80-5F615330039D"}, {"criteria": "cpe:2.3:o:apple:mac_os_x:10.15.7:security_update_2021-007:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "50F21A3C-0AC3-48C5-A4F8-5A7B478875B4"}, {"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "287EBE44-07C0-41D3-B268-CC86CA5FD792", "versionEndExcluding": "11.6.2", "versionStartIncluding": "11.0"}, {"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "691EE787-F014-486B-A88A-E4D54F03B3DC", "versionEndIncluding": "12.1", "versionStartIncluding": "12.0.0"}], "operator": "OR"}]}], "sourceIdentifier": "product-security@apple.com"}