ID

VAR-202108-2172

CVE

CVE-2021-30858

TITLE

Apple macOS Big Sur Resource Management Error Vulnerability

DESCRIPTION

A use after free issue was addressed with improved memory management. This issue is fixed in iOS 14.8 and iPadOS 14.8, macOS Big Sur 11.6. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. ========================================================================== Ubuntu Security Notice USN-5087-1 September 22, 2021 webkit2gtk vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 21.04 - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS Summary: Several security issues were fixed in WebKitGTK. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 21.04: libjavascriptcoregtk-4.0-18 2.32.4-0ubuntu0.21.04.1 libwebkit2gtk-4.0-37 2.32.4-0ubuntu0.21.04.1 Ubuntu 20.04 LTS: libjavascriptcoregtk-4.0-18 2.32.4-0ubuntu0.20.04.1 libwebkit2gtk-4.0-37 2.32.4-0ubuntu0.20.04.1 Ubuntu 18.04 LTS: libjavascriptcoregtk-4.0-18 2.32.4-0ubuntu0.18.04.1 libwebkit2gtk-4.0-37 2.32.4-0ubuntu0.18.04.1 This update uses a new upstream release, which includes additional bug fixes. After a standard system update you need to restart any applications that use WebKitGTK, such as Epiphany, to make all the necessary changes. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 APPLE-SA-2021-09-20-6 Additional information for APPLE-SA-2021-09-13-1 iOS 14.8 and iPadOS 14.8 iOS 14.8 and iPadOS 14.8 addresses the following issues. Information about the security content is also available at https://support.apple.com/HT212807. Bluetooth Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: A remote attacker may be able to cause arbitrary code execution Description: A logic issue was addressed with improved state management. CVE-2021-30820: Jianjun Dai of Qihoo 360 Alpha Lab Entry added September 20, 2021 CoreGraphics Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: Processing a maliciously crafted PDF may lead to arbitrary code execution. Description: An integer overflow was addressed with improved input validation. CVE-2021-30860: The Citizen Lab FontParser Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: Processing a maliciously crafted dfont file may lead to arbitrary code execution Description: This issue was addressed with improved checks. CVE-2021-30841: Xingwei Lin of Ant Security Light-Year Lab CVE-2021-30843: Xingwei Lin of Ant Security Light-Year Lab CVE-2021-30842: Xingwei Lin of Ant Security Light-Year Lab Entry added September 20, 2021 Kernel Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: A race condition was addressed with improved locking. CVE-2021-30857: Zweig of Kunlun Lab Entry added September 20, 2021 Kernel Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: A malicious application may be able to execute arbitrary code with kernel privileges Description: A type confusion issue was addressed with improved state handling. CVE-2021-30859: Apple Entry added September 20, 2021 libexpat Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: A remote attacker may be able to cause a denial of service Description: This issue was addressed by updating expat to version 2.4.1. CVE-2013-0340: an anonymous researcher Entry added September 20, 2021 Preferences Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: An application may be able to access restricted files Description: A validation issue existed in the handling of symlinks. CVE-2021-30855: Zhipeng Huo (@R3dF09) and Yuebin Sun (@yuebinsun2020) of Tencent Security Xuanwu Lab (xlab.tencent.com) Entry added September 20, 2021 WebKit Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: Processing maliciously crafted web content may lead to arbitrary code execution. CVE-2021-30858: an anonymous researcher WebKit Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: Processing maliciously crafted web content may lead to code execution Description: A memory corruption issue was addressed with improved memory handling. CVE-2021-30848: Sergei Glazunov of Google Project Zero Entry added September 20, 2021 WebKit Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: Multiple memory corruption issues were addressed with improved memory handling. CVE-2021-30849: Sergei Glazunov of Google Project Zero Entry added September 20, 2021 WebKit Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, iPad mini 4 and later, and iPod touch (7th generation) Impact: Processing maliciously crafted web content may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved memory handling. CVE-2021-30846: Sergei Glazunov of Google Project Zero Entry added September 20, 2021 Additional recognition CoreML We would like to acknowledge hjy79425575 working with Trend Micro Zero Day Initiative for their assistance. Entry added September 20, 2021 Installation note: This update is available through iTunes and Software Update on your iOS device, and will not appear in your computer's Software Update application, or in the Apple Downloads site. Make sure you have an Internet connection and have installed the latest version of iTunes from https://www.apple.com/itunes/ iTunes and Software Update on the device will automatically check Apple's update server on its weekly schedule. When an update is detected, it is downloaded and the option to be installed is presented to the user when the iOS device is docked. We recommend applying the update immediately if possible. Selecting Don't Install will present the option the next time you connect your iOS device. The automatic update process may take up to a week depending on the day that iTunes or the device checks for updates. You may manually obtain the update via the Check for Updates button within iTunes, or the Software Update on your device. To check that the iPhone, iPod touch, or iPad has been updated: * Navigate to Settings * Select General * Select About * The version after applying this update will be "14.8" Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEePiLW1MrMjw19XzoeC9qKD1prhgFAmFI884ACgkQeC9qKD1p rhg8fw/+JL/Emgqw3tIeloZ6nl7RotrzBEJ8U0jvOfyHvYRKkcvgD0Oc+puZ+eY7 ngiUivHqvlVz3wDO4o1GHN5Ml1rveIxHttUWxLvY6dsG2G4X9p1AqHnDy2fB0Rqx 13L19SsxP4fLI/PcDP3wNjeiZwH7hzJTVNGLQdWw93DNbUA9zUcyLHPBLVspjXl+ g/61E+4uznJD0TtmyqU041BLiqbrBSnD2WCFFbm6NT4FIz3yHta65CvKtLDZPjHt ckP5uORsyHy8vwtcuY0x4Wpfq1bNjV47tiVqrGUn2M2QAyfukGLXUAE85D/nxD/a VDKor1EU+l+nHA21rzPXj7YSXCiJke/VwajWuspz0biMcOuc/+3Xl/WLONA2mHuf eTAIAGNP8UNQ/ZVZzD9d/m5kirHeqHn4rmC+0vYZv7gC3/UsAD5MqFXpCXtuPUu6 D5pDYp4wB56zv9ZFe9EcsomRLLsp3ubWGOq/FExD4Pi0W++kY6F68W2Voh9xSnaN a9RcvGqZMbTdaIGOB698qWvaRNvXCrNbQzT9K+63CM7NComXnaW5FdtsVMjRLArT 3T4m2UsRnWmi6A1cD06hdpuZNT5hs27iGO0srSH+GypfOHS2BHITPizuJjIpQ37M /Q8bAJn6KoL8RKdOf36oBXtGBiXvA0OXPjWdrh44oW8Wnlx5NU0= =vNXl -----END PGP SIGNATURE----- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: webkit2gtk3 security and bug fix update Advisory ID: RHSA-2021:4097-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2021:4097 Issue date: 2021-11-02 CVE Names: CVE-2021-30858 ===================================================================== 1. Summary: An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux AppStream (v. 8) - aarch64, ppc64le, s390x, x86_64 3. Description: WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. Security Fix(es): * webkitgtk: Use-after-free leading to arbitrary code execution (CVE-2021-30858) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * WebProcess::initializeWebProcess crashing on aarch64 (BZ#2010825) 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Package List: Red Hat Enterprise Linux AppStream (v. 8): Source: webkit2gtk3-2.30.4-3.el8_4.src.rpm aarch64: webkit2gtk3-2.30.4-3.el8_4.aarch64.rpm webkit2gtk3-debuginfo-2.30.4-3.el8_4.aarch64.rpm webkit2gtk3-debugsource-2.30.4-3.el8_4.aarch64.rpm webkit2gtk3-devel-2.30.4-3.el8_4.aarch64.rpm webkit2gtk3-devel-debuginfo-2.30.4-3.el8_4.aarch64.rpm webkit2gtk3-jsc-2.30.4-3.el8_4.aarch64.rpm webkit2gtk3-jsc-debuginfo-2.30.4-3.el8_4.aarch64.rpm webkit2gtk3-jsc-devel-2.30.4-3.el8_4.aarch64.rpm webkit2gtk3-jsc-devel-debuginfo-2.30.4-3.el8_4.aarch64.rpm ppc64le: webkit2gtk3-2.30.4-3.el8_4.ppc64le.rpm webkit2gtk3-debuginfo-2.30.4-3.el8_4.ppc64le.rpm webkit2gtk3-debugsource-2.30.4-3.el8_4.ppc64le.rpm webkit2gtk3-devel-2.30.4-3.el8_4.ppc64le.rpm webkit2gtk3-devel-debuginfo-2.30.4-3.el8_4.ppc64le.rpm webkit2gtk3-jsc-2.30.4-3.el8_4.ppc64le.rpm webkit2gtk3-jsc-debuginfo-2.30.4-3.el8_4.ppc64le.rpm webkit2gtk3-jsc-devel-2.30.4-3.el8_4.ppc64le.rpm webkit2gtk3-jsc-devel-debuginfo-2.30.4-3.el8_4.ppc64le.rpm s390x: webkit2gtk3-2.30.4-3.el8_4.s390x.rpm webkit2gtk3-debuginfo-2.30.4-3.el8_4.s390x.rpm webkit2gtk3-debugsource-2.30.4-3.el8_4.s390x.rpm webkit2gtk3-devel-2.30.4-3.el8_4.s390x.rpm webkit2gtk3-devel-debuginfo-2.30.4-3.el8_4.s390x.rpm webkit2gtk3-jsc-2.30.4-3.el8_4.s390x.rpm webkit2gtk3-jsc-debuginfo-2.30.4-3.el8_4.s390x.rpm webkit2gtk3-jsc-devel-2.30.4-3.el8_4.s390x.rpm webkit2gtk3-jsc-devel-debuginfo-2.30.4-3.el8_4.s390x.rpm x86_64: webkit2gtk3-2.30.4-3.el8_4.i686.rpm webkit2gtk3-2.30.4-3.el8_4.x86_64.rpm webkit2gtk3-debuginfo-2.30.4-3.el8_4.i686.rpm webkit2gtk3-debuginfo-2.30.4-3.el8_4.x86_64.rpm webkit2gtk3-debugsource-2.30.4-3.el8_4.i686.rpm webkit2gtk3-debugsource-2.30.4-3.el8_4.x86_64.rpm webkit2gtk3-devel-2.30.4-3.el8_4.i686.rpm webkit2gtk3-devel-2.30.4-3.el8_4.x86_64.rpm webkit2gtk3-devel-debuginfo-2.30.4-3.el8_4.i686.rpm webkit2gtk3-devel-debuginfo-2.30.4-3.el8_4.x86_64.rpm webkit2gtk3-jsc-2.30.4-3.el8_4.i686.rpm webkit2gtk3-jsc-2.30.4-3.el8_4.x86_64.rpm webkit2gtk3-jsc-debuginfo-2.30.4-3.el8_4.i686.rpm webkit2gtk3-jsc-debuginfo-2.30.4-3.el8_4.x86_64.rpm webkit2gtk3-jsc-devel-2.30.4-3.el8_4.i686.rpm webkit2gtk3-jsc-devel-2.30.4-3.el8_4.x86_64.rpm webkit2gtk3-jsc-devel-debuginfo-2.30.4-3.el8_4.i686.rpm webkit2gtk3-jsc-devel-debuginfo-2.30.4-3.el8_4.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2021-30858 https://access.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2021 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYYEkR9zjgjWX9erEAQgSYRAAqB1YabSEnLYejpScbdUufAFEeQ6fdnkL 0Z2C1nfc3Zc1/Z9Sr/LOhxQm/iijm/4GIgwwzY7j5Ccu1KTjSev7i77VEqVr7DNC 3Dp+KBFVDxP4ArUNXyhpvYcLqaVLjKRAWchqoCmWg3FKQK1Qml7+OkmLdrhkkBw2 2LW7+QHBeXykXAZPr0HLdAQv7Z4qsP+cN83ccul3Ds9iL8ERNBg4uaf8t+Fad5BT 5N7vdQ9HFaFk7DFVdyMuNCBKNT1me9siUX+WZqDK44m+97c0+SPN2JtG31KDZ39+ lOrHI4pbImH89DfhI7b7PzJW/mZyJ8FYL9zxzOdqFdqrAsuwRbj2f7KU9/oKGcbw Yi/z/TIzOUqRsHm5FI/Ug7RBUoMFxZpEc2En+jsjUQFTb42S/QaqNUwl2DpHGwiy Q+/wAsHhNUqLoIbOYHMrESUTxD6pAhKv/4fBMzjyCgdZaGsM8RQ1ZGnM4qAObj4R Q+3rTE9KdYt3W6gh2XE+TIh4ezG2O94jEjQ2fGd8WTHAOpni+sVMozNpTsL/nCBq HbDHDztCFsLCK2nK6hkiClL+a7VskzejzgbU/uhNxU7GKJT3wpqcD+uNY3bh/Y3y mLuhmwZIZpSPGW+yllWOhjjrsoeYjdqlUiQVSYYw/J8BITjni1hGHsJgp2YGdZzg TIjMx+ZhZQs= =PR28 -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce . - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 202202-01 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: High Title: WebkitGTK+: Multiple vulnerabilities Date: February 01, 2022 Bugs: #779175, #801400, #813489, #819522, #820434, #829723, #831739 ID: 202202-01 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======= Multiple vulnerabilities have been found in WebkitGTK+, the worst of which could result in the arbitrary execution of code. Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 net-libs/webkit-gtk < 2.34.4 >= 2.34.4 Description ========== Multiple vulnerabilities have been discovered in WebkitGTK+. Please review the CVE identifiers referenced below for details. Impact ===== An attacker, by enticing a user to visit maliciously crafted web content, may be able to execute arbitrary code, violate iframe sandboxing policy, access restricted ports on arbitrary servers, cause memory corruption, or could cause a Denial of Service condition. Workaround ========= There is no known workaround at this time. Resolution ========= All WebkitGTK+ users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=net-libs/webkit-gtk-2.34.4" References ========= [ 1 ] CVE-2021-30848 https://nvd.nist.gov/vuln/detail/CVE-2021-30848 [ 2 ] CVE-2021-30888 https://nvd.nist.gov/vuln/detail/CVE-2021-30888 [ 3 ] CVE-2021-30682 https://nvd.nist.gov/vuln/detail/CVE-2021-30682 [ 4 ] CVE-2021-30889 https://nvd.nist.gov/vuln/detail/CVE-2021-30889 [ 5 ] CVE-2021-30666 https://nvd.nist.gov/vuln/detail/CVE-2021-30666 [ 6 ] CVE-2021-30665 https://nvd.nist.gov/vuln/detail/CVE-2021-30665 [ 7 ] CVE-2021-30890 https://nvd.nist.gov/vuln/detail/CVE-2021-30890 [ 8 ] CVE-2021-30661 https://nvd.nist.gov/vuln/detail/CVE-2021-30661 [ 9 ] WSA-2021-0005 https://webkitgtk.org/security/WSA-2021-0005.html [ 10 ] CVE-2021-30761 https://nvd.nist.gov/vuln/detail/CVE-2021-30761 [ 11 ] CVE-2021-30897 https://nvd.nist.gov/vuln/detail/CVE-2021-30897 [ 12 ] CVE-2021-30823 https://nvd.nist.gov/vuln/detail/CVE-2021-30823 [ 13 ] CVE-2021-30734 https://nvd.nist.gov/vuln/detail/CVE-2021-30734 [ 14 ] CVE-2021-30934 https://nvd.nist.gov/vuln/detail/CVE-2021-30934 [ 15 ] CVE-2021-1871 https://nvd.nist.gov/vuln/detail/CVE-2021-1871 [ 16 ] CVE-2021-30762 https://nvd.nist.gov/vuln/detail/CVE-2021-30762 [ 17 ] WSA-2021-0006 https://webkitgtk.org/security/WSA-2021-0006.html [ 18 ] CVE-2021-30797 https://nvd.nist.gov/vuln/detail/CVE-2021-30797 [ 19 ] CVE-2021-30936 https://nvd.nist.gov/vuln/detail/CVE-2021-30936 [ 20 ] CVE-2021-30663 https://nvd.nist.gov/vuln/detail/CVE-2021-30663 [ 21 ] CVE-2021-1825 https://nvd.nist.gov/vuln/detail/CVE-2021-1825 [ 22 ] CVE-2021-30951 https://nvd.nist.gov/vuln/detail/CVE-2021-30951 [ 23 ] CVE-2021-30952 https://nvd.nist.gov/vuln/detail/CVE-2021-30952 [ 24 ] CVE-2021-1788 https://nvd.nist.gov/vuln/detail/CVE-2021-1788 [ 25 ] CVE-2021-1820 https://nvd.nist.gov/vuln/detail/CVE-2021-1820 [ 26 ] CVE-2021-30953 https://nvd.nist.gov/vuln/detail/CVE-2021-30953 [ 27 ] CVE-2021-30749 https://nvd.nist.gov/vuln/detail/CVE-2021-30749 [ 28 ] CVE-2021-30849 https://nvd.nist.gov/vuln/detail/CVE-2021-30849 [ 29 ] CVE-2021-1826 https://nvd.nist.gov/vuln/detail/CVE-2021-1826 [ 30 ] CVE-2021-30836 https://nvd.nist.gov/vuln/detail/CVE-2021-30836 [ 31 ] CVE-2021-30954 https://nvd.nist.gov/vuln/detail/CVE-2021-30954 [ 32 ] CVE-2021-30984 https://nvd.nist.gov/vuln/detail/CVE-2021-30984 [ 33 ] CVE-2021-30851 https://nvd.nist.gov/vuln/detail/CVE-2021-30851 [ 34 ] CVE-2021-30758 https://nvd.nist.gov/vuln/detail/CVE-2021-30758 [ 35 ] CVE-2021-42762 https://nvd.nist.gov/vuln/detail/CVE-2021-42762 [ 36 ] CVE-2021-1844 https://nvd.nist.gov/vuln/detail/CVE-2021-1844 [ 37 ] CVE-2021-30689 https://nvd.nist.gov/vuln/detail/CVE-2021-30689 [ 38 ] CVE-2021-45482 https://nvd.nist.gov/vuln/detail/CVE-2021-45482 [ 39 ] CVE-2021-30858 https://nvd.nist.gov/vuln/detail/CVE-2021-30858 [ 40 ] CVE-2021-21779 https://nvd.nist.gov/vuln/detail/CVE-2021-21779 [ 41 ] WSA-2021-0004 https://webkitgtk.org/security/WSA-2021-0004.html [ 42 ] CVE-2021-30846 https://nvd.nist.gov/vuln/detail/CVE-2021-30846 [ 43 ] CVE-2021-30744 https://nvd.nist.gov/vuln/detail/CVE-2021-30744 [ 44 ] CVE-2021-30809 https://nvd.nist.gov/vuln/detail/CVE-2021-30809 [ 45 ] CVE-2021-30884 https://nvd.nist.gov/vuln/detail/CVE-2021-30884 [ 46 ] CVE-2021-30720 https://nvd.nist.gov/vuln/detail/CVE-2021-30720 [ 47 ] CVE-2021-30799 https://nvd.nist.gov/vuln/detail/CVE-2021-30799 [ 48 ] CVE-2021-30795 https://nvd.nist.gov/vuln/detail/CVE-2021-30795 [ 49 ] CVE-2021-1817 https://nvd.nist.gov/vuln/detail/CVE-2021-1817 [ 50 ] CVE-2021-21775 https://nvd.nist.gov/vuln/detail/CVE-2021-21775 [ 51 ] CVE-2021-30887 https://nvd.nist.gov/vuln/detail/CVE-2021-30887 [ 52 ] CVE-2021-21806 https://nvd.nist.gov/vuln/detail/CVE-2021-21806 [ 53 ] CVE-2021-30818 https://nvd.nist.gov/vuln/detail/CVE-2021-30818 Availability =========== This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/202202-01 Concerns? ======== Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ====== Copyright 2022 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. https://creativecommons.org/licenses/by-sa/2.5

AFFECTED PRODUCTS

CVSS

PROBLEMTYPE DATA

THREAT TYPE

remote

TYPE

resource management error

CONFIGURATIONS

PATCH

EXTERNAL IDS

REFERENCES

CREDITS

Apple

SOURCES

LAST UPDATE DATE

2024-05-12T02:15:54.278000+00:00

SOURCES UPDATE DATE

SOURCES RELEASE DATE