Tuesday, February 2, 2021

Apple Security Advisory 2021-02-01-2

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

APPLE-SA-2021-02-01-2 Additional information for
APPLE-SA-2021-01-26-1 iOS 14.4 and iPadOS 14.4

iOS 14.4 and iPadOS 14.4 addresses the following issues. Information
about the security content is also available at
https://support.apple.com/HT212146.

Analytics
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch (7th generation)
Impact: A remote attacker may be able to cause a denial of service
Description: This issue was addressed with improved checks.
CVE-2021-1761: Cees Elzinga
Entry added February 1, 2021

APFS
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch (7th generation)
Impact: A local user may be able to read arbitrary files
Description: The issue was addressed with improved permissions logic.
CVE-2021-1797: Thomas Tempelmann
Entry added February 1, 2021

Bluetooth
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch (7th generation)
Impact: A remote attacker may be able to cause arbitrary code
execution
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2021-1794: Jianjun Dai of 360 Alpha Lab
Entry added February 1, 2021

Bluetooth
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch (7th generation)
Impact: A remote attacker may be able to cause arbitrary code
execution
Description: An out-of-bounds write was addressed with improved input
validation.
CVE-2021-1795: Jianjun Dai of 360 Alpha Lab
CVE-2021-1796: Jianjun Dai of 360 Alpha Lab
Entry added February 1, 2021

Bluetooth
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch (7th generation)
Impact: An attacker in a privileged position may be able to perform a
denial of service attack
Description: A memory initialization issue was addressed with
improved memory handling.
CVE-2021-1780: Jianjun Dai of 360 Alpha Lab
Entry added February 1, 2021

CoreAnimation
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch (7th generation)
Impact: A malicious application could execute arbitrary code leading
to compromise of user information
Description: A memory corruption issue was addressed with improved
state management.
CVE-2021-1760: @S0rryMybad of 360 Vulcan Team
Entry added February 1, 2021

CoreAudio
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch (7th generation)
Impact: Processing maliciously crafted web content may lead to code
execution
Description: An out-of-bounds write was addressed with improved input
validation.
CVE-2021-1747: JunDong Xie of Ant Security Light-Year Lab
Entry added February 1, 2021

CoreGraphics
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch (7th generation)
Impact: Processing a maliciously crafted font file may lead to
arbitrary code execution
Description: An out-of-bounds write issue was addressed with improved
bounds checking.
CVE-2021-1776: Ivan Fratric of Google Project Zero
Entry added February 1, 2021

CoreMedia
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch (7th generation)
Impact: Processing a maliciously crafted image may lead to arbitrary
code execution
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2021-1759: Hou JingYi (@hjy79425575) of Qihoo 360 CERT
Entry added February 1, 2021

CoreText
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch (7th generation)
Impact: Processing a maliciously crafted text file may lead to
arbitrary code execution
Description: A stack overflow was addressed with improved input
validation.
CVE-2021-1772: Mickey Jin of Trend Micro
Entry added February 1, 2021

CoreText
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch (7th generation)
Impact: A remote attacker may be able to cause arbitrary code
execution
Description: An out-of-bounds read was addressed with improved bounds
checking.
CVE-2021-1792: Mickey Jin & Junzhi Lu of Trend Micro
Entry added February 1, 2021

Crash Reporter
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch (7th generation)
Impact: A local user may be able to create or modify system files
Description: A logic issue was addressed with improved state
management.
CVE-2021-1786: Csaba Fitzl (@theevilbit) of Offensive Security
Entry added February 1, 2021

Crash Reporter
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch (7th generation)
Impact: A local attacker may be able to elevate their privileges
Description: Multiple issues were addressed with improved logic.
CVE-2021-1787: James Hutchins
Entry added February 1, 2021

FairPlay
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch (7th generation)
Impact: A malicious application may be able to disclose kernel memory
Description: An out-of-bounds read issue existed that led to the
disclosure of kernel memory. This was addressed with improved input
validation.
CVE-2021-1791: Junzhi Lu (@pwn0rz), Qi Sun & Mickey Jin of Trend
Micro
Entry added February 1, 2021

FontParser
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch (7th generation)
Impact: A remote attacker may be able to cause arbitrary code
execution
Description: An out-of-bounds read was addressed with improved bounds
checking.
CVE-2021-1758: Peter Nguyen of STAR Labs
Entry added February 1, 2021

ImageIO
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch (7th generation)
Impact: Processing a maliciously crafted image may lead to a denial
of service
Description: A logic issue was addressed with improved state
management.
CVE-2021-1773: Xingwei Lin of Ant Security Light-Year Lab
Entry added February 1, 2021

ImageIO
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch (7th generation)
Impact: Processing a maliciously crafted image may lead to a denial
of service
Description: This issue was addressed with improved checks.
CVE-2021-1766: Danny Rosseau of Carve Systems
Entry added February 1, 2021

ImageIO
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch (7th generation)
Impact: Processing a maliciously crafted image may lead to arbitrary
code execution
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2021-1785: Xingwei Lin of Ant Security Light-Year Lab
Entry added February 1, 2021

ImageIO
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch (7th generation)
Impact: Processing a maliciously crafted image may lead to arbitrary
code execution
Description: An out-of-bounds write was addressed with improved input
validation.
CVE-2021-1744: Xingwei Lin of Ant Security Light-Year Lab
Entry added February 1, 2021

ImageIO
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch (7th generation)
Impact: A remote attacker may be able to cause unexpected application
termination or arbitrary code execution
Description: A logic issue was addressed with improved state
management.
CVE-2021-1818: Xingwei Lin from Ant-Financial Light-Year Security Lab
Entry added February 1, 2021

ImageIO
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch (7th generation)
Impact: Processing a maliciously crafted image may lead to arbitrary
code execution
Description: This issue was addressed with improved checks.
CVE-2021-1746: Xingwei Lin of Ant Security Light-Year Lab, and Mickey
Jin & Qi Sun of Trend Micro
CVE-2021-1793: Xingwei Lin of Ant Security Light-Year Lab
Entry added February 1, 2021

ImageIO
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch (7th generation)
Impact: Processing a maliciously crafted image may lead to arbitrary
code execution
Description: An out-of-bounds read was addressed with improved bounds
checking.
CVE-2021-1741: Xingwei Lin of Ant Security Light-Year Lab
CVE-2021-1743: Xingwei Lin of Ant Security Light-Year Lab, and Mickey
Jin & Junzhi Lu of Trend Micro
Entry added February 1, 2021

ImageIO
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch (7th generation)
Impact: Processing a maliciously crafted image may lead to a denial
of service
Description: An out-of-bounds read issue existed in the curl. This
issue was addressed with improved bounds checking.
CVE-2021-1778: Xingwei Lin of Ant Security Light-Year Lab
Entry added February 1, 2021

ImageIO
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch (7th generation)
Impact: Processing a maliciously crafted image may lead to arbitrary
code execution
Description: An access issue was addressed with improved memory
management.
CVE-2021-1783: Xingwei Lin of Ant Security Light-Year Lab
Entry added February 1, 2021

IOSkywalkFamily
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch (7th generation)
Impact: A local attacker may be able to elevate their privileges
Description: An out-of-bounds read was addressed with improved bounds
checking.
CVE-2021-1757: Proteas and Pan ZhenPeng (@Peterpan0927) of Alibaba
Security
Entry added February 1, 2021

iTunes Store
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch (7th generation)
Impact: Processing a maliciously crafted URL may lead to arbitrary
javascript code execution
Description: A validation issue was addressed with improved input
sanitization.
CVE-2021-1748: CodeColorist of Ant-Financial Light-Year Labs
Entry added February 1, 2021

Kernel
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch (7th generation)
Impact: A remote attacker may be able to cause a denial of service
Description: A use after free issue was addressed with improved
memory management.
CVE-2021-1764: Maxime Villard (@m00nbsd)
Entry added February 1, 2021

Kernel
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch (7th generation)
Impact: An application may be able to execute arbitrary code with
kernel privileges
Description: Multiple issues were addressed with improved logic.
CVE-2021-1750: @0xalsr
Entry added February 1, 2021

Kernel
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch (7th generation)
Impact: A malicious application may be able to elevate privileges.
Apple is aware of a report that this issue may have been actively
exploited.
Description: A race condition was addressed with improved locking.
CVE-2021-1782: an anonymous researcher

Messages
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch (7th generation)
Impact: A malicious application may be able to leak sensitive user
information
Description: A privacy issue existed in the handling of Contact
cards. This was addressed with improved state management.
CVE-2021-1781: Csaba Fitzl (@theevilbit) of Offensive Security
Entry added February 1, 2021

Model I/O
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch (7th generation)
Impact: Processing a maliciously crafted USD file may lead to
unexpected application termination or arbitrary code execution
Description: A buffer overflow was addressed with improved bounds
checking.
CVE-2021-1763: Mickey Jin of Trend Micro
Entry added February 1, 2021

Model I/O
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch (7th generation)
Impact: Processing a maliciously crafted USD file may lead to
unexpected application termination or arbitrary code execution
Description: An out-of-bounds read was addressed with improved bounds
checking.
CVE-2021-1768: Mickey Jin & Junzhi Lu of Trend Micro
Entry added February 1, 2021

Model I/O
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch (7th generation)
Impact: Processing a maliciously crafted USD file may lead to
unexpected application termination or arbitrary code execution
Description: An out-of-bounds read was addressed with improved input
validation.
CVE-2021-1745: Mickey Jin & Junzhi Lu of Trend Micro
Entry added February 1, 2021

Model I/O
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch (7th generation)
Impact: Processing a maliciously crafted USD file may lead to
unexpected application termination or arbitrary code execution
Description: An out-of-bounds write was addressed with improved input
validation.
CVE-2021-1762: Mickey Jin of Trend Micro
Entry added February 1, 2021

Model I/O
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch (7th generation)
Impact: Processing a maliciously crafted image may lead to heap
corruption
Description: This issue was addressed with improved checks.
CVE-2021-1767: Mickey Jin & Junzhi Lu of Trend Micro
Entry added February 1, 2021

Model I/O
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch (7th generation)
Impact: Processing a maliciously crafted image may lead to arbitrary
code execution
Description: An out-of-bounds read was addressed with improved bounds
checking.
CVE-2021-1753: Mickey Jin of Trend Micro
Entry added February 1, 2021

Phone Keypad
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch (7th generation)
Impact: An attacker with physical access to a device may be able to
see private contact information
Description: A lock screen issue allowed access to contacts on a
locked device. This issue was addressed with improved state
management.
CVE-2021-1756: Ryan Pickren (ryanpickren.com)
Entry added February 1, 2021

Swift
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch (7th generation)
Impact: A malicious attacker with arbitrary read and write capability
may be able to bypass Pointer Authentication
Description: A logic issue was addressed with improved validation.
CVE-2021-1769: CodeColorist of Ant-Financial Light-Year Labs
Entry added February 1, 2021

WebKit
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch (7th generation)
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A use after free issue was addressed with improved
memory management.
CVE-2021-1788: Francisco Alonso (@revskills)
Entry added February 1, 2021

WebKit
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch (7th generation)
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: A type confusion issue was addressed with improved state
handling.
CVE-2021-1789: @S0rryMybad of 360 Vulcan Team
Entry added February 1, 2021

WebKit
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch (7th generation)
Impact: Maliciously crafted web content may violate iframe sandboxing
policy
Description: This issue was addressed with improved iframe sandbox
enforcement.
CVE-2021-1801: Eliya Stein of Confiant
Entry added February 1, 2021

WebKit
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch (7th generation)
Impact: A remote attacker may be able to cause arbitrary code
execution. Apple is aware of a report that this issue may have been
actively exploited.
Description: A logic issue was addressed with improved restrictions.
CVE-2021-1871: an anonymous researcher
CVE-2021-1870: an anonymous researcher

WebRTC
Available for: iPhone 6s and later, iPad Air 2 and later, iPad mini 4
and later, and iPod touch (7th generation)
Impact: A malicious website may be able to access restricted ports on
arbitrary servers
Description: A port redirection issue was addressed with additional
port validation.
CVE-2021-1799: Gregory Vishnepolsky & Ben Seri of Armis Security, and
Samy Kamkar
Entry added February 1, 2021

Additional recognition

iTunes Store
We would like to acknowledge CodeColorist of Ant-Financial Light-Year
Labs for their assistance.
Entry added February 1, 2021

Kernel
We would like to acknowledge Junzhi Lu (@pwn0rz), Mickey Jin & Jesse
Change of Trend Micro for their assistance.
Entry added February 1, 2021

libpthread
We would like to acknowledge CodeColorist of Ant-Financial Light-Year
Labs for their assistance.
Entry added February 1, 2021

Mail
We would like to acknowledge Yiğit Can YILMAZ (@yilmazcanyigit) and
an anonymous researcher for their assistance.
Entry added February 1, 2021

Store Demo
We would like to acknowledge @08Tc3wBB for their assistance.
Entry added February 1, 2021

WebRTC
We would like to acknowledge Philipp Hancke for their assistance.
Entry added February 1, 2021

Wi-Fi
We would like to acknowledge an anonymous researcher for their
assistance.
Entry added February 1, 2021

This message is signed with Apple's Product Security PGP key,
and details are available at:
https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEbURczHs1TP07VIfuZcsbuWJ6jjAFAmAYgtAACgkQZcsbuWJ6
jjCK6g//dClC7Zq+dOqvuwvDa1ZMQ/R7pmp9qn2jFQsN41sf3JXSUT5AT2qhkB+W
BvfgNl4JEAhdFigcuChzNWjrtQjT30Iqu/mPKF9zh8FRi5Uc0Z+UDAS4QAJcYmBl
naDKY9u0SIyzxyvoK2AhfnbgAy7xsICNUiPFIV3sLS20NnKaItd/zBVCsgiMnpXD
lXBJJfoJZcKzUxsHVGuh3DU9FgyS0Ypo8EAuZTPT511rco7nAqQ+RY5s8DRZ91Up
BWoFQezmVQmxHGA2rwJH+RgSUOUywCNi/xLinAdNq8en4db8UtSmUcQHqaFgybBk
bfWN3apPFq7vKCPbW8NI4JPBeP4WhORGH1V2jgJV8DM8Lod/Uh1yJrcZ5a4FxwCO
VZKROL2UwE8T3tNYNlYoIr83FKVeMxnYhEP+xSSM3iZGtIflkcO3UtfitJlV0U26
RCavBUyxJV1aqb/3ic/WwLco7jBeOEIUkoZq7djyo8K1LrVSxZvBAUveV+Y2qvz3
UrbdDeTaTqDZ+rgQjOTcMJsvLHwzcrD8DdhgAMt9FAsVZ+dxSsqrMBNxhtc5uRyf
bSTDyJc4epsC5S6IrjHaePdnv65tuIjC/JYmBvdshtp5j3aUnJUGWPhWuuhDLIjh
oxMn01QVy9KvVSQs3kqot8Ai8e1hXGnzwDUHEqPQLYzEi77v8HU=
=WL5N
-----END PGP SIGNATURE-----



 

Copyright © 2020 Cyber Details - Vulnerability Database™

Thanks for everything Templateism - You should have written the code a little more complicated