what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

Apple Security Advisory 2021-12-15-7

Apple Security Advisory 2021-12-15-7
Posted Dec 17, 2021
Authored by Apple | Site apple.com

Apple Security Advisory 2021-12-15-7 - Safari 15.2 addresses buffer overflow, code execution, integer overflow, out of bounds read, and use-after-free vulnerabilities.

tags | advisory, overflow, vulnerability, code execution
systems | apple
advisories | CVE-2021-30934, CVE-2021-30936, CVE-2021-30951, CVE-2021-30952, CVE-2021-30953, CVE-2021-30954, CVE-2021-30984
SHA-256 | dcec9f0b30618e604ca73400b05ece50348b0a958ba1c87cb1fb73a70aab2a1e

Apple Security Advisory 2021-12-15-7

Change Mirror Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

APPLE-SA-2021-12-15-7 Safari 15.2

Safari 15.2 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT212982.

WebKit
Available for: macOS Big Sur and macOS Catalina
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A buffer overflow issue was addressed with improved
memory handling.
CVE-2021-30934: Dani Biro

WebKit
Available for: macOS Big Sur and macOS Catalina
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A use after free issue was addressed with improved
memory management.
CVE-2021-30936: Chijin Zhou of ShuiMuYuLin Ltd and Tsinghua
wingtecher lab
CVE-2021-30951: Pangu

WebKit
Available for: macOS Big Sur and macOS Catalina
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: An integer overflow was addressed with improved input
validation.
CVE-2021-30952: WeBin

WebKit
Available for: macOS Big Sur and macOS Catalina
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A race condition was addressed with improved state
handling.
CVE-2021-30984: Kunlun Lab

WebKit
Available for: macOS Big Sur and macOS Catalina
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: An out-of-bounds read was addressed with improved bounds
checking.
CVE-2021-30953: VRIJ

WebKit
Available for: macOS Big Sur and macOS Catalina
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A type confusion issue was addressed with improved
memory handling.
CVE-2021-30954: Kunlun Lab

Additional recognition

WebKit
We would like to acknowledge Jzhu, Peter Snyder of Brave, and Soroush
Karami for their assistance.


Information will also be posted to the Apple Security Updates
web site: https://support.apple.com/kb/HT201222

This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEePiLW1MrMjw19XzoeC9qKD1prhgFAmG6UnUACgkQeC9qKD1p
rhjoERAA4p1QO7OCgTEUtZQxQx4PptzOw/A/5ufYVD5qZXUKmfK/ICXy0L+32Bb8
qGCQq/20APdRbYN+E6tgmivJ4EOt8WXkeyNp0CFjqvpgsMzji/A8TaHIMbQXxPP5
BNRxl4GQjxLIptbta2G10La27FfMqcQOU2VV4gonPVQlGb4r9JAkwer5S5zqASgU
7ZQ+IUJSpyFoBXMNSM1zDd9k8wfjLJoFJQeO9TAJt97fyLmOYr/n2vPG9+H28TxK
y6y+GuZzvV7qMo+BMAhQVzA1i/P0ZgqOLSp2IVBR3+92saLkH0EmuRI8OBD6SXT2
BnI7oyp7BrYxGyRWC5oFfOX+ZL/T80m5wWlGsxXABQ9U2agvqDiSyvVa1URnyMvp
mgux+JZEQmNcu1Va7+LhoI1HWyogDNS3OVhLmhgejfno8++pR1Y2p+RDhdaKxnzi
VnBrO+yr4YlTT1gGbPqHbVywVgUkfolVVYcZ1enLP4qB9Xt66XJkiOTtIUGgVQ5u
vK0oWxHgzAEDc+o4oKgubm7HaFGUNA1Kv1XCq2m56A+e5nLO5b0jAr5BkXtV8EfO
TNC/ecd0B2dNmQf5S1k23PCkUX3som0WN62ocKkNidFVJ33GFP6xEHc2iaEk3DIc
aOB6r1awfCFLfk9cYes3Uzw5zCVCs5VaGe1fdQD4J4oZCihvm20=AWpZ
-----END PGP SIGNATURE-----



Login or Register to add favorites

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    0 Files
  • 7
    Nov 7th
    0 Files
  • 8
    Nov 8th
    0 Files
  • 9
    Nov 9th
    0 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    0 Files
  • 12
    Nov 12th
    0 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close