Earlier this week, Apple announced security patches for various weaknesses in iOS, macOS, tvOS, and watchOS, including a remote jailbreak exploit chain and several critical flaws in the Kernel and Safari web browser. These vulnerabilities were initially revealed in October at the International Cyber Security Contest Tianfu Cup in China.
The vulnerability, identified as CVE-2021-30955, could have allowed a malicious program to run arbitrary code with kernel privileges. According to Apple, the problem has been addressed by implementing “improved state handling.” macOS devices are also affected by this issue.
Kunlun Lab’s chief executive, @mj0011sec tweeted:
The kernel bug CVE-2021-30955 is the one we tried use to build our remote jailbreak chain but failed to complete on time. It also affects MacOS. https://t.co/lMdHKPfVSR
— mj0011 (@mj0011sec) December 13, 2021
What Other Vulnerabilities Were Fixed?
According to The Hacker News, in addition to the kernel bug CVE-2021-30955, five Kernel and four IOMobileFrameBuffer (a kernel extension for controlling the screen framebuffer) issues were fixed with the latest patches:
- CVE-2021-30927 and CVE-2021-30980: A use after free issue that could allow a rogue application to run arbitrary code with kernel privileges.
- CVE-2021-30937: A memory corruption vulnerability that could allow a rogue application to run arbitrary code with kernel privileges.
- CVE-2021-30949: A memory corruption issue that could allow a rogue application to run arbitrary code with kernel privileges.
- CVE-2021-30993: A buffer overflow issue that could allow an attacker in a privileged network position may be able to execute arbitrary code.
- CVE-2021-30983: A buffer overflow issue that could allow an application to run arbitrary code with kernel privileges.
- CVE-2021-30985: An out-of-bounds write issue that could allow a rogue application to run arbitrary code with kernel privileges.
- CVE-2021-30991: An out-of-bounds read issue that could allow a malicious application to run arbitrary code with kernel privileges.
- CVE-2021-30996: A race condition that could allow a rogue application to run arbitrary code with kernel privileges.
On the macOS front, the tech giant patched a vulnerability in the Wi-Fi module (CVE-2021-30938) that might allow a local user on the system to cause unexpected system shutdown and potentially access kernel information.
According to Google, the issue was reported by Xinru Chi of Pangu Lab.
Apple also patched seven more security weaknesses in the WebKit component, a browser engine developed by Apple that is widely utilized in its Safari web browser as well as all iOS web browsers:
- CVE-2021-30934,
- CVE-2021-30936,
- CVE-2021-30951,
- CVE-2021-30952,
- CVE-2021-30953,
- CVE-2021-30954,
- CVE-2021-30984.
As explained by The Hacker News, these weaknesses could potentially result in a scenario where processing specially crafted web content may lead to arbitrary code execution.
Apple also fixed a couple of bugs in the Notes and Password Manager applications in iOS that may allow someone with physical access to an iOS device to access contacts from the lock screen and get saved passwords without requiring authentication.
If you liked this article, follow us on LinkedIn, Twitter, Facebook, Youtube, and Instagram for more cybersecurity news and topics.