QID 376012

Date Published: 2021-11-02

QID 376012: Apple MacOS Monterey 12.0.1 Not Installed (HT212869)

macOS Monterey (version 12) is the 18th and current major release of macOS, Apple's desktop operating system for Macintosh computers.

CVE-2021-30899: A race condition was addressed with improved state handling.
CVE-2021-30917: A memory corruption issue existed in the processing of ICC profiles. This issue was addressed with improved input validation.
CVE-2021-30903: This issue was addressed with improved checks.
CVE-2021-30905: An out-of-bounds read was addressed with improved bounds checking.
CVE-2021-30919: An out-of-bounds write was addressed with improved input validation.
CVE-2021-30881: An input validation issue was addressed with improved memory handling.
CVE-2021-30895: A logic issue was addressed with improved restrictions.
CVE-2021-30896: A logic issue was addressed with improved restrictions.
CVE-2021-30906: This issue was addressed with improved checks.
CVE-2021-30824: A memory corruption issue was addressed with improved state management.
CVE-2021-30901: Multiple out-of-bounds write issues were addressed with improved bounds checking.
CVE-2021-30821: A memory corruption issue was addressed with improved memory handling.
CVE-2021-30883:A memory corruption issue was addressed with improved memory handling.
CVE-2021-30886: A use after free issue was addressed with improved memory management.
CVE-2021-30909:A memory corruption issue was addressed with improved memory handling.
CVE-2021-30916: A memory corruption issue was addressed with improved memory handling.
CVE-2021-30864: A logic issue was addressed with improved state management.

Affected Versions:
Apple MacOS Big Sur version before 12.0.1

QID Detection Logic:
This QID checks for vulnerable versions of Monterey using sw_vers.

Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process memory

CVSS V3 rated as Critical - 8.8 severity.

CVSS V2 rated as Critical - 9.3 severity.

Solution

The updates can be downloaded from Apple Downloads.

For more information regarding the update can be found at HT212869.

Vendor References

HT212869 - support.apple.com/en-us/HT212869

CVEs related to QID 376012

CVE-2021-30873 | CVE-2021-30876 | CVE-2021-30879 | CVE-2021-30877 | CVE-2021-30880 | CVE-2021-30907 | CVE-2021-30899 | CVE-2021-30917 | CVE-2021-30903 | CVE-2021-30905 | CVE-2021-30919 | CVE-2021-30881 | CVE-2021-30895 | CVE-2021-30896 | CVE-2021-30906 | CVE-2021-30824 | CVE-2021-30901 | CVE-2021-30821 | CVE-2021-30883 | CVE-2021-30886 | CVE-2021-30909 | CVE-2021-30916 | CVE-2021-30864 | CVE-2021-30813 | CVE-2021-30910 | CVE-2021-30911 | CVE-2021-30920 | CVE-2021-30868 | CVE-2021-30912 | CVE-2021-30913 | CVE-2021-30915 | CVE-2021-30823 | CVE-2021-30887 | CVE-2021-30888 | CVE-2021-30889 | CVE-2021-30861 | CVE-2021-30890 | CVE-2021-30908 | CVE-2021-30833 | CVE-2021-30892 |

Software Advisories

Advisory ID	Software	Component	Link
HT212869			support.apple.com/en-us/HT212869

By selecting these links, you may be leaving CVEreport webspace. We have provided these links to other websites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other websites that are more appropriate for your purpose. CVEreport does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, CVEreport does not endorse any commercial products that may be mentioned on these sites. Please address comments about any linked pages to [email protected].

Array ( [qid] => 376012 [title] => Apple MacOS Monterey 12.0.1 Not Installed (HT212869) [severity] => 4 [description] => macOS Monterey (version 12) is the 18th and current major release of macOS, Apple's desktop operating system for Macintosh computers.

Affected Versions:
Apple MacOS Big Sur version before 12.0.1

QID Detection Logic:
This QID checks for vulnerable versions of Monterey using sw_vers.

[solution] => The updates can be downloaded from Apple Downloads.

For more information regarding the update can be found at HT212869.
[consequence] => Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process memory [published] => Yes [date_insert] => 2021-11-01 [date_published] => 2021-11-02 [cve] => Array ( [0] => CVE-2021-30873 [1] => CVE-2021-30876 [2] => CVE-2021-30879 [3] => CVE-2021-30877 [4] => CVE-2021-30880 [5] => CVE-2021-30907 [6] => CVE-2021-30899 [7] => CVE-2021-30917 [8] => CVE-2021-30903 [9] => CVE-2021-30905 [10] => CVE-2021-30919 [11] => CVE-2021-30881 [12] => CVE-2021-30895 [13] => CVE-2021-30896 [14] => CVE-2021-30906 [15] => CVE-2021-30824 [16] => CVE-2021-30901 [17] => CVE-2021-30821 [18] => CVE-2021-30883 [19] => CVE-2021-30886 [20] => CVE-2021-30909 [21] => CVE-2021-30916 [22] => CVE-2021-30864 [23] => CVE-2021-30813 [24] => CVE-2021-30910 [25] => CVE-2021-30911 [26] => CVE-2021-30920 [27] => CVE-2021-30868 [28] => CVE-2021-30912 [29] => CVE-2021-30913 [30] => CVE-2021-30915 [31] => CVE-2021-30823 [32] => CVE-2021-30887 [33] => CVE-2021-30888 [34] => CVE-2021-30889 [35] => CVE-2021-30861 [36] => CVE-2021-30890 [37] => CVE-2021-30908 [38] => CVE-2021-30833 [39] => CVE-2021-30892 ) [vendor_refs] => Array ( [0] => Array ( [vendor_ref] => HT212869 [vendor_ref_url] => https://support.apple.com/en-us/HT212869 ) ) [cvss_v2] => Array ( [basescore] => 9.3 [temporalscore] => 6.9 ) [cvss_v3] => Array ( [basescore] => 8.8 [temporalscore] => 7.7 ) [patches] => Array ( [0] => Array ( [link] => https://support.apple.com/en-us/HT212869 [advisory_id] => HT212869 [os_sw] => [component] => ) ) )