Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: Apple Patches for CVE-2021-30807 SANS ISC InfoSec Forums

Watch ISC TV. Great for NOCs, SOCs and Living Rooms: https://isctv.sans.edu

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Apple Patches for CVE-2021-30807

Apple has released another update (previous update was only about 5 days ago) to address CVE-2021-30807 that was discovered by an anonymous researcher. This update resolves an issue with IOMobileFrameBuffer which could allow an application to execute arbitrary code with kernel privileges [1], [2]. This issue may have been actively exploited.

As Apple has indicated that this issue may have been actively exploited, it is recommended that affected devices be updated as soon as possible.

Update: Technical details for CVE-2021-30807 can be found here [3].
Update 2: Apple has also released a corresponding update for WatchOS [4].

References:
[1] https://support.apple.com/en-us/HT212622
[2] https://support.apple.com/en-us/HT212623
[3] https://saaramar.github.io/IOMobileFrameBuffer_LPE_POC/
[4] https://support.apple.com/en-us/HT212713

-----------
Yee Ching Tok, ISC Handler
Personal Site
Twitter

Yee Ching

14 Posts
ISC Handler
Jul 30th 2021

Sign Up for Free or Log In to start participating in the conversation!