Sign-up

ID

VAR-202108-1374


CVE

CVE-2021-30869


TITLE

Pillow Buffer error vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-202104-975

DESCRIPTION

A type confusion issue was addressed with improved state handling. This issue is fixed in iOS 12.5.5, iOS 14.4 and iPadOS 14.4, macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, Security Update 2021-006 Catalina. A malicious application may be able to execute arbitrary code with kernel privileges. Apple is aware of reports that an exploit for this issue exists in the wild. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2021-09-23-1 iOS 12.5.5 iOS 12.5.5 addresses the following issues. Information about the security content is also available at https://support.apple.com/HT212824. CoreGraphics Available for: iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad mini 2, iPad mini 3, and iPod touch (6th generation) Impact: Processing a maliciously crafted PDF may lead to arbitrary code execution. CVE-2021-30860: The Citizen Lab WebKit Available for: iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad mini 2, iPad mini 3, and iPod touch (6th generation) Impact: Processing maliciously crafted web content may lead to arbitrary code execution. CVE-2021-30858: an anonymous researcher XNU Available for: iPhone 5s, iPhone 6, iPhone 6 Plus, iPad Air, iPad mini 2, iPad mini 3, and iPod touch (6th generation) Impact: A malicious application may be able to execute arbitrary code with kernel privileges. CVE-2021-30869: Erye Hernandez of Google Threat Analysis Group, Clément Lecigne of Google Threat Analysis Group, and Ian Beer of Google Project Zero Installation note: This update is available through iTunes and Software Update on your iOS device, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an Internet connection and have installed the latest version of iTunes from https://www.apple.com/itunes/ iTunes and Software Update on the device will automatically check Apple's update server on its weekly schedule. When an update is detected, it is downloaded and the option to be installed is presented to the user when the iOS device is docked. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iOS device. The automatic update process may take up to a week depending on the day that iTunes or the device checks for updates. You may manually obtain the update via the Check for Updates button within iTunes, or the Software Update on your device. To check that the iPhone, iPod touch, or iPad has been updated: * Navigate to Settings * Select General * Select About * The version after applying this update will be "12.5.5" Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEePiLW1MrMjw19XzoeC9qKD1prhgFAmFMwTMACgkQeC9qKD1p rhgcXBAAyiXSTr7W8qmZJBjvLtLCHgFktFKHCjlufFKhQprFBUTWFgvYbqKLBg5w WHR9AqL+QUDtyybsf/STlITmcy7FtOlr1Ru/B9tVR/BKAS/8e2ngOVKcY2ska7Pb SuPsiyc9UI1VdxDZBkVfbTbDj3YMKOrK1ORK4UMDISU6bAbwMqFpriV9vCijk2Xh F7PFFlt9NwknUcuEEm7wT//hyLgZFx6mefFxTuBqKaHbHgCoAB6SJrCCHP2kU9rY +6IVq0xLEzEG5NNw/rQ/Xq0HVoNQiprQSCsSlwSgvuj/F9IdIcT+n0rdevK5wpIJ wlvKq0WG0Zumeq/vkpKtfB07nlsHmMOGldyRlGKd6xKcX3hM5Z3uFAvHQl6GByFx ALTfA7xcHKCNH6TBaAeAJIFOzDLDYghp4vsIEgnj1cZwc8IVQ0bAAgRgoQOXgwic 2IS9la1JmxG8/AzAWp9rSRMdQG8AvSaJFCS8sLjaprwC4d6MVESkJiJwEodx/x/g 6x4U1mP31UJARdlGDW3IZL7vbVr06Tv4fsF6sVxrtoDL8nDYp+bD0Qz67J9M0thx 08Ua7+lBw/sXIRhZMLJL5yxSQUPUBUIbWtWzZneDZWripUnL3WV3+mph68N6KnDz ORv11TKhITXpDkKV9VhMnBBAGw9oipBapqhNup6dYwpdPp4+M5g= =mQdQ -----END PGP SIGNATURE-----

Trust: 1.8

sources: NVD: CVE-2021-30869 // CNNVD: CNNVD-202104-975 // VULHUB: VHN-390602 // VULMON: CVE-2021-30869 // PACKETSTORM: 164280 // PACKETSTORM: 164277

AFFECTED PRODUCTS

vendor:applemodel:mac os xscope:lteversion:10.14.6

Trust: 1.0

vendor:applemodel:mac os xscope:lteversion:10.15.6

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.15.7

Trust: 1.0

vendor:applemodel:iphone osscope:ltversion:12.5.5

Trust: 1.0

vendor:applemodel:mac os xscope:eqversion:10.14.6

Trust: 1.0

vendor:applemodel:mac os xscope:gteversion:10.15

Trust: 1.0

vendor:applemodel:macosscope:ltversion:11.2

Trust: 1.0

vendor:applemodel:mac os xscope:gteversion:10.14

Trust: 1.0

vendor:applemodel:iphone osscope:gteversion:14.0

Trust: 1.0

vendor:applemodel:iphone osscope:gteversion:12.0

Trust: 1.0

vendor:applemodel:ipadosscope:ltversion:14.4

Trust: 1.0

vendor:applemodel:iphone osscope:ltversion:14.4

Trust: 1.0

vendor:applemodel:macosscope:gteversion:11.0

Trust: 1.0

sources: NVD: CVE-2021-30869

CVSS

SEVERITY

CVSSV2

CVSSV3

NVD: CVE-2021-30869
value: HIGH

Trust: 1.0

CNNVD: CNNVD-202104-975
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-202108-1956
value: HIGH

Trust: 0.6

VULHUB: VHN-390602
value: HIGH

Trust: 0.1

VULMON: CVE-2021-30869
value: HIGH

Trust: 0.1

NVD:
severity: HIGH
baseScore: 9.3
vectorString: AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 10.0
acInsufInfo: FALSE
obtainAllPrivilege: FALSE
obtainUserPrivilege: FALSE
obtainOtherPrivilege: FALSE
userInteractionRequired: TRUE
version: 2.0

Trust: 1.0

VULHUB: VHN-390602
severity: HIGH
baseScore: 9.3
vectorString: AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

VULMON: CVE-2021-30869
severity: HIGH
baseScore: 9.3
vectorString: AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

NVD:
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.1

Trust: 1.0

sources: VULHUB: VHN-390602 // VULMON: CVE-2021-30869 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202108-1956 // NVD: CVE-2021-30869

PROBLEMTYPE DATA

problemtype:CWE-843

Trust: 1.1

sources: VULHUB: VHN-390602 // NVD: CVE-2021-30869

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202108-1956

TYPE

other

Trust: 1.2

sources: CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-202108-1956

CONFIGURATIONS

sources:
            
            
            NVD: CVE-2021-30869

PATCH
title:Multiple  Apple Product security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=166262
Trust: 0.6
title:https://github.com/houjingyi233/macOS-iOS-system-securityurl:https://github.com/houjingyi233/macos-ios-system-security 
Trust: 0.1
title:https://github.com/houjingyi233/macos-ios-exploit-writeupurl:https://github.com/houjingyi233/macos-ios-exploit-writeup 
Trust: 0.1
title:Known Exploited Vulnerabilities Detectorurl:https://github.com/ostorlab/kev 
Trust: 0.1
title: - url:https://www.welivesecurity.com/2022/01/25/watering-hole-deploys-new-macos-malware-dazzlespy-asia/
Trust: 0.1
title:Threatposturl:https://threatpost.com/mac-zero-day-apple-hong-kong/176300/
Trust: 0.1
title:Threatposturl:https://threatpost.com/apple-patches-zero-days-attack/174988/
Trust: 0.1
title:The Registerurl:https://www.theregister.co.uk/2021/09/24/apple_zero_day/
Trust: 0.1
sources:
            
            
            VULMON: CVE-2021-30869 // 
            
            
            
            CNNVD: CNNVD-202108-1956

EXTERNAL IDS
db:NVDid:CVE-2021-30869
Trust: 2.0
db:PACKETSTORMid:164277
Trust: 0.7
db:CS-HELPid:SB2021041363
Trust: 0.6
db:CNNVDid:CNNVD-202104-975
Trust: 0.6
db:AUSCERTid:ESB-2021.3213
Trust: 0.6
db:CS-HELPid:SB2021092317
Trust: 0.6
db:CNNVDid:CNNVD-202108-1956
Trust: 0.6
db:VULHUBid:VHN-390602
Trust: 0.1
db:VULMONid:CVE-2021-30869
Trust: 0.1
db:PACKETSTORMid:164280
Trust: 0.1
sources:
            
            
            VULHUB: VHN-390602 // 
            
            
            
            VULMON: CVE-2021-30869 // 
            
            
            
            PACKETSTORM: 164280 // 
            
            
            
            PACKETSTORM: 164277 // 
            
            
            
            CNNVD: CNNVD-202104-975 // 
            
            
            
            CNNVD: CNNVD-202108-1956 // 
            
            
            
            NVD: CVE-2021-30869

REFERENCES
url:https://support.apple.com/en-us/ht212824
Trust: 2.5
url:https://support.apple.com/en-us/ht212146
Trust: 1.8
url:https://support.apple.com/en-us/ht212147
Trust: 1.8
url:https://support.apple.com/en-us/ht212825
Trust: 1.8
url:https://www.cybersecurity-help.cz/vdb/sb2021041363
Trust: 0.6
url:https://www.cybersecurity-help.cz/vdb/sb2021092317
Trust: 0.6
url:https://www.auscert.org.au/bulletins/esb-2021.3213
Trust: 0.6
url:https://packetstormsecurity.com/files/164277/apple-security-advisory-2021-09-23-1.html
Trust: 0.6
url:https://vigilance.fr/vulnerability/apple-ios-macos-privilege-escalation-via-xnu-36521
Trust: 0.6
url:https://support.apple.com/kb/ht201222
Trust: 0.2
url:https://nvd.nist.gov/vuln/detail/cve-2021-30869
Trust: 0.2
url:https://www.apple.com/support/security/pgp/
Trust: 0.2
url:https://cwe.mitre.org/data/definitions/843.html
Trust: 0.1
url:https://nvd.nist.gov
Trust: 0.1
url:https://www.theregister.co.uk/2021/09/24/apple_zero_day/
Trust: 0.1
url:https://threatpost.com/mac-zero-day-apple-hong-kong/176300/
Trust: 0.1
url:https://support.apple.com/ht212825.
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2021-30858
Trust: 0.1
url:https://www.apple.com/itunes/
Trust: 0.1
url:https://support.apple.com/ht212824.
Trust: 0.1
url:https://nvd.nist.gov/vuln/detail/cve-2021-30860
Trust: 0.1
sources:
            
            
            VULHUB: VHN-390602 // 
            
            
            
            VULMON: CVE-2021-30869 // 
            
            
            
            PACKETSTORM: 164280 // 
            
            
            
            PACKETSTORM: 164277 // 
            
            
            
            CNNVD: CNNVD-202104-975 // 
            
            
            
            CNNVD: CNNVD-202108-1956 // 
            
            
            
            NVD: CVE-2021-30869

CREDITS
Apple
Trust: 0.2
sources:
            
            
            PACKETSTORM: 164280 // 
            
            
            
            PACKETSTORM: 164277

SOURCES
db:VULHUBid:VHN-390602
db:VULMONid:CVE-2021-30869
db:PACKETSTORMid:164280
db:PACKETSTORMid:164277
db:CNNVDid:CNNVD-202104-975
db:CNNVDid:CNNVD-202108-1956
db:NVDid:CVE-2021-30869

LAST UPDATE DATE
2024-01-17T19:51:50.775000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-390602date:2021-10-20T00:00:00
db:VULMONid:CVE-2021-30869date:2023-11-07T00:00:00
db:CNNVDid:CNNVD-202104-975date:2021-04-14T00:00:00
db:CNNVDid:CNNVD-202108-1956date:2021-10-21T00:00:00
db:NVDid:CVE-2021-30869date:2023-11-07T03:33:37.040

SOURCES RELEASE DATE
db:VULHUBid:VHN-390602date:2021-08-24T00:00:00
db:VULMONid:CVE-2021-30869date:2021-08-24T00:00:00
db:PACKETSTORMid:164280date:2021-09-24T15:46:28
db:PACKETSTORMid:164277date:2021-09-24T15:40:03
db:CNNVDid:CNNVD-202104-975date:2021-04-13T00:00:00
db:CNNVDid:CNNVD-202108-1956date:2021-08-24T00:00:00
db:NVDid:CVE-2021-30869date:2021-08-24T19:15:15.080